source: basicnet/netutils/wireshark.xml@ 358241d1

Last change on this file since 358241d1 was 358241d1, checked in by Randy McMurchy <randy@…>, 15 years ago

Removed unnecessary references to pkgconfig as it is now in LFS

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@7864 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 14.9 KB
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../../general.ent">
  %general-entities;

  <!ENTITY wireshark-download-http "http://www.wireshark.org/download/src/all-versions/wireshark-&wireshark-version;.tar.bz2">
  <!ENTITY wireshark-download-ftp "&sources-anduin-ftp;/w/wireshark-&wireshark-version;.tar.bz2">
  <!ENTITY wireshark-md5sum "e57a8c8b364c38df3da97e2ee9f0d0bc">
  <!ENTITY wireshark-size "11.8 MB">
  <!ENTITY wireshark-buildsize "449 MB">
  <!ENTITY wireshark-time "6.4 SBU">
]>

<sect1 id="wireshark" xreflabel="Wireshark-&wireshark-version;">
  <?dbhtml filename="wireshark.html"?>

  <sect1info>
    <othername>$LastChangedBy$</othername>
    <date>$Date$</date>
  </sect1info>

  <title>Wireshark-&wireshark-version;</title>

  <indexterm zone="wireshark">
    <primary sortas="a-Wireshark">Wireshark</primary>
  </indexterm>

  <sect2 role="package">
    <title>Introduction to Wireshark</title>

    <para>The <application>Wireshark</application> package contains a network
    protocol analyzer, also known as a <quote>sniffer</quote>. This is useful
    for analyzing data captured <quote>off the wire</quote> from a live network
    connection, or data read from a capture file.
    <application>Wireshark</application> provides both a graphical and TTY-mode
    front-end for examining captured network packets from over 500 protocols,
    as well as the capability to read capture files from many other popular
    network analyzers.</para>

    <bridgehead renderas="sect3">Package Information</bridgehead>
    <itemizedlist spacing="compact">
      <listitem>
        <para>Download (HTTP): <ulink url="&wireshark-download-http;"/></para>
      </listitem>
      <listitem>
        <para>Download (FTP): <ulink url="&wireshark-download-ftp;"/></para>
      </listitem>
      <listitem>
        <para>Download MD5 sum: &wireshark-md5sum;</para>
      </listitem>
      <listitem>
        <para>Download size: &wireshark-size;</para>
      </listitem>
      <listitem>
        <para>Estimated disk space required: &wireshark-buildsize;</para>
      </listitem>
      <listitem>
        <para>Estimated build time: &wireshark-time;</para>
      </listitem>
    </itemizedlist>

    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
    <itemizedlist spacing="compact">
      <listitem>
        <para>Additional Documentation: <ulink
        url="http://www.wireshark.org/docs/"/></para>
      </listitem>
    </itemizedlist>

    <para>From this page you can download many different docs in a variety
    of formats.</para>

    <bridgehead renderas="sect3">Wireshark dependencies</bridgehead>

    <bridgehead renderas="sect4">Required</bridgehead>
    <para role="required"><xref linkend="GLib"/> or <xref linkend="glib2"/>
    (to build the TTY-mode front-end only)</para>

    <para>Note that if you don't have <application>Gtk+</application>
    installed, you will need to pass <option>--disable-wireshark</option>
    to the <command>configure</command> command.</para>

    <bridgehead renderas="sect4">Recommended</bridgehead>
    <para role="recommended"><xref linkend="libpcap"/>
    (required to capture data)</para>

    <bridgehead renderas="sect4">Optional</bridgehead>
    <para role="optional"><!-- <xref linkend="pkgconfig"/>, -->
    <xref linkend="GTK"/> or <xref linkend="gtk2"/> (to build the GUI front-end),
    <xref linkend="openssl"/>,
    <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
    <xref linkend="python"/>,
    <xref linkend="pcre"/>,
    <xref linkend="gnutls"/>,
    <ulink url="http://www.net-snmp.org/">Net-SNMP</ulink>,
    <ulink url="http://www.gnu.org/software/adns/adns.html">adns</ulink>, and
    <ulink url="http://www.lua.org/">Lua</ulink></para>

    <!-- Though configure looks for all these, and the developers I'm
         sure use them, the doc sources are not included in the release
         tarball (they are in SVN, though)
    <bridgehead renderas="sect4">Optional (to build additional
    documentation)</bridgehead>
    <para role="optional"><xref linkend="doxygen"/>,
    <xref linkend="libxml"/>,
    <xref linkend="libxslt"/>, and
    <xref linkend="fop"/></para>
    -->

    <para condition="html" role="usernotes">User Notes:
    <ulink url="&blfs-wiki;/wireshark"/></para>

  </sect2>

  <sect2 role="kernel" id="wireshark-kernel">
    <title>Kernel Configuration</title>

    <para>The kernel must have the Packet protocol enabled for
    <application>Wireshark</application> to capture live packets from the
    network. Enable the Packet protocol by choosing <quote>Y</quote> in the
    <quote>Networking</quote> &ndash; <quote>Packet socket</quote>
    configuration parameter. Alternatively, build the
    <filename>af_packet.ko</filename> module by choosing <quote>M</quote> in
    this parameter.</para>

    <indexterm zone="wireshark wireshark-kernel">
      <primary sortas="d-Capturing-network-packets">Capturing network
      packets</primary>
    </indexterm>

  </sect2>

  <sect2 role="installation">
    <title>Installation of Wireshark</title>

    <para>Install <application>Wireshark</application> by running the following
    commands:</para>

<screen><userinput>./configure --prefix=/usr \
            --sysconfdir=/etc \
            --enable-threads &amp;&amp;
make</userinput></screen>

    <para>This package does not come with a test suite.</para>

    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>

<screen role="root"><userinput>make install &amp;&amp;

install -v -m755 -d /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
install -v -m644 FAQ README{,.linux} doc/README.* doc/*.{pod,txt} \
    /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
pushd /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
for FILENAME in ../../wireshark/*.html; do \
    ln -s -v $FILENAME .
done &amp;&amp;
popd &amp;&amp;

install -v -m644 -D wireshark.desktop \
    /usr/share/applications/wireshark.desktop &amp;&amp;
install -v -m644 -D image/wsicon48.png \
    /usr/share/pixmaps/wireshark.png &amp;&amp;
install -v -m755 -d /usr/share/pixmaps/wireshark &amp;&amp;
install -v -m644 image/*.{png,ico,xpm,bmp} \
    /usr/share/pixmaps/wireshark</userinput></screen>

    <para>If you downloaded any of the documentation files from the page
    listed under 'Additional Downloads', install them by issuing the following
    commands as the <systemitem class="username">root</systemitem> user:</para>

<screen role="root"><userinput>install -v -m644 <replaceable>&lt;Downloaded_Files&gt;</replaceable> /usr/share/doc/wireshark-&wireshark-version;</userinput></screen>

  </sect2>

  <sect2 role="commands">
    <title>Command Explanations</title>

    <para><parameter>--enable-threads</parameter>: This parameter enables the
    use of threads in <command>wireshark</command>.</para>

    <para><option>--with-ssl</option>: This parameter is required if you
    are linking Kerberos libraries into the build so that the
    <application>OpenSSL</application>
    <filename class='libraryfile'>libcrypto</filename> library is found.</para>

  </sect2>

  <sect2 role="configuration">
    <title>Configuring Wireshark</title>

    <sect3 id="wireshark-config">
      <title>Config Files</title>

      <para><filename>/etc/wireshark.conf</filename> and
      <filename>~/.wireshark/*</filename></para>

      <indexterm zone="wireshark wireshark-config">
        <primary sortas="e-AA.wireshark-star">~/.wireshark/*</primary>
      </indexterm>

      <indexterm zone="wireshark wireshark-config">
        <primary sortas="e-etc-wireshark.conf">/etc/wireshark.conf</primary>
      </indexterm>

    </sect3>

    <sect3>
      <title>Configuration Information</title>

      <para>Though the default configuration parameters are very sane,
      reference the configuration section of the
      <ulink url="http://www.wireshark.org/docs/wsug_html/">Wireshark User's
      Guide</ulink> for configuration information. Most of
      <application>Wireshark</application>'s configuration can be accomplished
      using the menu options of the <command>wireshark</command>
      graphical interface.</para>

      <note>
        <para>If you want to look at packets, make sure you don't filter
        them out with <xref linkend="iptables"/>. If you want to exclude
        certain classes of packets, it is more efficient to do it with
        <application>iptables</application> than it is with
        <application>Wireshark</application>.</para>
      </note>

    </sect3>

  </sect2>

  <sect2 role="content">
    <title>Contents</title>

    <segmentedlist>
      <segtitle>Installed Programs</segtitle>
      <segtitle>Installed Libraries</segtitle>
      <segtitle>Installed Directories</segtitle>

      <seglistitem>
        <seg>capinfos, dftest, dumpcap, editcap, idl2wrs, mergecap, randpkt,
        text2pcap, tshark and wireshark</seg>
        <seg>libwireshark.so, libwiretap.so and numerous dissector plugin
        modules</seg>
        <seg>/usr/lib/wireshark, /usr/share/doc/wireshark-&wireshark-version;,
        /usr/share/pixmaps/wireshark and /usr/share/wireshark</seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="capinfos">
        <term><command>capinfos</command></term>
        <listitem>
          <para>reads a saved capture file and returns any or all of several
          statistics about that file. It is able to detect and read any capture
          supported by the <application>Wireshark</application> package.</para>
          <indexterm zone="wireshark capinfos">
            <primary sortas="b-capinfos">capinfos</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="dftest">
        <term><command>dftest</command></term>
        <listitem>
          <para>is a display-filter-compiler test program.</para>
          <indexterm zone="wireshark dftest">
            <primary sortas="b-dftest">dftest</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="dumpcap">
        <term><command>dumpcap</command></term>
        <listitem>
          <para>is a network traffic dump tool. It lets you capture packet data
          from a live network and write the packets to a file.</para>
          <indexterm zone="wireshark dumpcap">
            <primary sortas="b-dumpcap">dumpcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="editcap">
        <term><command>editcap</command></term>
        <listitem>
          <para>edits and/or translates the format of capture files. It knows
          how to read <application>libpcap</application> capture files,
          including those of <command>tcpdump</command>,
          <application>Wireshark</application> and other tools that write
          captures in that format.</para>
          <indexterm zone="wireshark editcap">
            <primary sortas="b-editcap">editcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="idl2wrs">
        <term><command>idl2wrs</command></term>
        <listitem>
          <para>takes a user-specified CORBA
          IDL file and generates <quote>C</quote> source code that
          can be used to create a <application>Wireshark</application>
          plugin.</para>
          <indexterm zone="wireshark idl2wrs">
            <primary sortas="b-idl2wrs">idl2wrs</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="mergecap">
        <term><command>mergecap</command></term>
        <listitem>
          <para>combines multiple saved capture files into a single output
          file.</para>
          <indexterm zone="wireshark mergecap">
            <primary sortas="b-mergecap">mergecap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="randpkt">
        <term><command>randpkt</command></term>
        <listitem>
          <para>creates random-packet capture files.</para>
          <indexterm zone="wireshark randpkt">
            <primary sortas="b-randpkt">randpkt</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="text2pcap">
        <term><command>text2pcap</command></term>
        <listitem>
          <para>reads in an ASCII hex dump and writes the
          data described into a <application>libpcap</application>-style
          capture file.</para>
          <indexterm zone="wireshark text2pcap">
            <primary sortas="b-text2pcap">text2pcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="tshark">
        <term><command>tshark</command></term>
        <listitem>
          <para>is a TTY-mode network protocol analyzer. It lets you capture
          packet data from a live network or read packets from a
          previously saved capture file.</para>
          <indexterm zone="wireshark tshark">
            <primary sortas="b-tshark">tshark</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="wireshark-prog">
        <term><command>wireshark</command></term>
        <listitem>
          <para>is a GUI network protocol analyzer. It lets you interactively
          browse packet data from a live network or from a previously
          saved capture file.</para>
          <indexterm zone="wireshark wireshark-prog">
            <primary sortas="b-wireshark">wireshark</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libwireshark">
        <term><filename class='libraryfile'>libwireshark.so</filename></term>
        <listitem>
          <para>contains functions used by the
          <application>Wireshark</application> programs to perform filtering and
          packet capturing.</para>
          <indexterm zone="wireshark libwireshark">
            <primary sortas="c-libwireshark">libwireshark.so</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libwiretap">
        <term><filename class='libraryfile'>libwiretap.so</filename></term>
        <listitem>
          <para>is a library being developed as a future replacement for
          <filename class='libraryfile'>libpcap</filename>, the current
          standard Unix library for packet capturing. For more information,
          see the <filename>README</filename> file in the source
          <filename class='directory'>wiretap</filename> directory.</para>
          <indexterm zone="wireshark libwiretap">
            <primary sortas="c-libwiretap">libwiretap.so</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>
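
Added example, not part of the BLFS book source: a shell check for the Packet socket requirement stated in the Kernel Configuration section, run against a kernel config file before attempting a live capture. It assumes the Kconfig symbol `CONFIG_PACKET` (the symbol behind "Networking – Packet socket", not named on the page); the function name `packet_socket_state` is hypothetical.

```shell
#!/bin/sh
# Added example: report how the kernel's "Packet socket" option is configured.
# Assumption: the Kconfig symbol for that option is CONFIG_PACKET.

# packet_socket_state CONFIG_FILE
#   Prints one of: builtin, module, disabled, unreadable.
#   Returns 0 when live capture can work (built in, or af_packet.ko was built),
#   1 when the option is off or absent, 2 when the file cannot be read.
packet_socket_state() {
    cfg=$1
    [ -r "$cfg" ] || { echo "unreadable"; return 2; }

    # /proc/config.gz is compressed; /boot/config-* and .config are plain text.
    case $cfg in
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac

    # Match the symbol exactly so that CONFIG_PACKET_DIAG and similar options
    # are not mistaken for it. Keep the last occurrence, as Kconfig does.
    line=$($reader "$cfg" |
           grep -E '^(# )?CONFIG_PACKET(=| is not set)' | tail -n 1)

    case $line in
        CONFIG_PACKET=y) echo "builtin";  return 0 ;;
        CONFIG_PACKET=m) echo "module";   return 0 ;;
        *)               echo "disabled"; return 1 ;;
    esac
}

# Typical call on a running system (paths vary by distribution):
#   packet_socket_state /proc/config.gz
#   packet_socket_state "/boot/config-$(uname -r)"
```

A result of `module` means `af_packet.ko` was built but may still need to be loaded before `dumpcap`, `tshark` or `wireshark` can open a capture interface.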