MacOS Quick Start (Using Homebrew) ----------------------------------- > Note that this method is particularly recommended for M1 and later Macs. 1. Install the latest Xcode from the MacOS app store. See https://guide.macports.org/#installing.xcode for details. 2. Install Homebrew (https://brew.sh/) 3. From the top-level source directory, run tools/macos-setup-brew.sh and wait for it to complete. Note: You may set the environment variable HOMEBREW_NO_AUTO_UPDATE=1 if you do not want the script to update homebrew. 4. Create a build directory and enter it: mkdir build && cd build 5. Configure the build: cmake .. 6. Build wireshark! make -j The wireshark binary will be found at run/wireshark under your build directory. Note that for subsequent builds, you will only need to enter the build directory and run "make -j". Note that if you cannot use homebrew, or otherwise need to manually install prerequisites, you cannot use this method; continue reading for more detailed instructions. Non-Homebrew Setup and Build of Wireshark for macOS ---------------------------------------------------- This file tries to help building Wireshark for macOS (The Operating System Formerly Known As Mac OS X And Then OS X) (Wireshark does not work on the classic Mac OS). You must have the developer tools (called Xcode) installed. For versions of macOS up to and including Snow Leopard, Xcode 3 should be available on the install DVD; Xcode 4 is available for download from developer.apple.com and, for Lion and later releases, from the Mac App Store. See https://guide.macports.org/#installing.xcode for details. For Xcode 4, you will need to install the command-line tools; select Preferences from the Xcode menu, select Downloads in the Preferences window, and install Command Line Tools. You must also have GLib and, if you want to build Wireshark as well as TShark, you must have also Qt installed. You can download precompiled Qt packages and source code from https://www.qt.io/download or use the tools/macos-setup.sh script described below. You should have CMake installed; you can download binary distributions for macOS from https://cmake.org/download/ The tools/macos-setup.sh script can be used to download, patch as necessary, build as necessary, and install those libraries and the libraries on which they depend, along with tools such as CMake; it will, by default, also install other libraries that can be used by Wireshark and TShark. The versions of libraries and tools to download are specified by variables set early in the script; you can comment out the settings of optional libraries if you don't want them downloaded and installed. Before running the tools/macos-setup.sh script, and before attempting to build Wireshark, make sure your PKG_CONFIG_PATH environment variable's setting includes /usr/local/lib/pkgconfig. The tools/macos-setup.sh script must be run from the top-level source directory. After you have installed those libraries: 1. It is generally recommended to install Qt with the online installer provided by Qt - see https://www.qt.io/download If you are building on an Apple Silicon machine, it is highly recommended to use at least Qt 6.2.4, as this architecture is not fully supported with Qt 5.15 2. Make a directory in which Wireshark is to be built, separate from the top-level source directory for Wireshark - it can be a subdirectory of that top-level source directory; 3. cd to that directory, and run CMake, with an argument that is a path to the top-level source directory; 4. When CMake finishes, run make to build Wireshark. For example, to build Wireshark in a subdirectory of the top-level source directory, named "build", do, from the top-level source directory; mkdir build cd build cmake .. make It is also possible to use the Xcode IDE to build and debug Wireshark using cmake's Xcode generator. Create a separate build directory, as described above and run cmake with the "-G Xcode" argument to create a Xcode project file in the current directory. cmake -G Xcode .. 1. Double click Wireshark.xcodeproj 2. Choose to create schemes manually 3. Create a scheme for the ALL_BUILD target 4. Edit the scheme, go to the run configuration and select Wireshark.app as executable If you upgrade the major release of macOS on which you are building Wireshark, we advise that, before you do any builds after the upgrade, you remove the build directory and all its subdirectories, and repeat the above process, re-running CMake and rebuilding from scratch. On Snow Leopard (10.6) and later releases, if you are building on a machine with a 64-bit processor (with the exception of the early Intel Core Duo and Intel Core Solo machines, all Apple machines with Intel processors have 64-bit processors), the C/C++/Objective-C compiler will build 64-bit by default. This means that you will, by default, get a 64-bit version of Wireshark. One consequence of this is that, if you built and installed any required or optional libraries for Wireshark on an earlier release of macOS, those are probably 32-bit versions of the libraries, and you will need to un-install them and rebuild them on your current version of macOS, to get 64-bit versions. Some required and optional libraries require special attention if you install them by building from source code on Snow Leopard and later releases; the tools/macos-setup.sh script will handle that for you. GLib - the GLib configuration script determines whether the system's libiconv is GNU iconv or not by checking whether it has libiconv_open(), and the compile will fail if that test doesn't correctly indicate whether libiconv is GNU iconv. In macOS, libiconv is GNU iconv, but the 64-bit version doesn't have libiconv_open(); a workaround for this is to replace all occurrences of "libiconv_open" with "iconv_open" in the configure script before running the script. The tools/macos-setup.sh setup script will patch GLib to work around this. libgcrypt - the libgcrypt configuration script attempts to determine which flavor of assembler-language routines to use based on the platform type determined by standard autoconf code. That code uses uname to determine the processor type; however, in macOS, uname always reports "i386" as the processor type on Intel machines, even Intel machines with 64-bit processors, so it will attempt to assemble the 32-bit x86 assembler-language routines, which will fail. The workaround for this is to run the configure script with the --disable-asm argument, so that the assembler-language routines are not used. The tools/macos-setup.sh will configure libgcrypt with that option.