Several libraries are needed to build / run Wireshark. Most of the libraries are splitted into three packages: Runtime package: binaries (e.g. win32 DLL's) and alike Developer package: documentation, header files and alike Source package: library sources, usually not required to build Wireshark Win32: All required libraries for the MSVC generation are available at: , but see for an easier way to install the libraries.

Binary libraries are available in different formats, depending on the C compiler (see ) used to build it and of course the platform they were build for.

If you have installed unix binary libraries on your system, they will match the C compiler. If not already installed, the libraries should be available as a package from the platform installer, or you can download and compile the source and install that binaries then.

Recommended for current Win32 Wireshark releases. Most of the Win32 binary libraries you will find on the web are in this format. You will recognize MSVC libraries by the .lib/.dll file extension.

Currently not widely available, but the first libraries in that format can be seen on the web. These libraries have the same .lib/.dll file extension, but unfortunately they are not completely compatible as they are linked with different dependant libraries, see for some further explanations.

Cygwin provides most of the required libraries (with file extension .a/.lib) for Wireshark suitable for cygwin's gcc compiler.

You can download/install all required libraries by using the setup target of the Makefile.nmake from the source package. It's a really good idea to use the Win32 automated library download to install the required libraries as it makes this download very easy. Before you start the download, you must have installed both the required tools (see ) and also the Wireshark sources (see ). By default the libraries will be downloaded and installed into C:\wireshark-win32-libs. You can change this to any other location by editing the file config.nmake and changing the line containing the WIRESHARK_LIBS setting to your favourite place (use an absolute path here). Then enter at the command line: > nmake -f Makefile.nmake setup This will first check for all the various tools needed to build Wireshark, as described already in . Then it will download the zipped libraries (together around 30MB!) from the server location at: into the directory specified by WIRESHARK_LIBS and install (unzip) all required library files there. If you have problems downloading the library files, you might be connected to the internet through a proxy/firewall. In this case see the wget proxy comment in .

As new versions of the libraries become available, maybe with bugfixes or some new functionality, your libraries get outdated. You could simply remove everything in the WIRESHARK_LIBS dir and call the setup target again, but that would require to download every file again, which isn't necessary. The following will bring your libraries up to date: Update your Wireshark sources to the latest SVN files (see ), so the zip filenames in the setup target of Makefile.nmake is in sync with the library zip files on the server. Remove all files previously unzipped from the downloaded files in your WIRESHARK_LIBS library path (all the subdirs, e.g. c:\wireshark-win32-libs\gtk+), except for the zip files located at the toplevel, which are the files downloaded the last time(s). You could do this, be entering at the command line: > nmake -f Makefile.nmake clean_setup Start the setup target described above. As wget will download only the missing files, existing zip files in the WIRESHARK_LIBS dir won't be downloaded again. Remaining (outdated) zip files shouldn't do any harm.

The Glib library is used as a basic platform abstraction library, it's not related to graphical user interface (GUI) things. For a detailed description about GLib, see . The GTK and it's dependant libraries are used to build Wireshark's GUI. For a detailed description of the GTK libraries, see . All other libraries are dependant on the two libraries mentioned above, you will typically not come in touch with these while doing Wireshark development. As the requirements for the GLib/GTK libraries increased in the past, it depends on the GLib/GTK versions you have, which additional libraries are required. The 1.x versions only needed GLib/GDK/GTK+, while the 2.x versions require all mentioned libs.

The GLib/GTK+ libraries are available for many unix-like platforms and cygwin. If these libraries aren't already installed and also not available as a package for your platform, you can get them at: .

You can get the latest version at: .

"Various tools relating to the Simple Network Management Protocol"

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

Wireshark uses the source Net-SNMP distribution at . Then libsnmp is compiled with the "libsnmp - Win32 Release" project using MSVC++ 6.0. A file called "README.wireshark" has been placed in the net-snmp zip archive at describing the changes in more detail.

"Advanced, easy to use, asynchronous-capable DNS client library and utilities."

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the latest version at:

"Perl compatible regular expressions"

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the latest version at:

"zlib is designed to be a free, general-purpose, legally unencumbered -- that is, not covered by any patents -- lossless data-compression library for use on virtually any computer hardware and operating system."

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the latest version at: (A version for the MSVC2003 compiler can be found at: )

"packet capture library"

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the "Windows packet capture library" at:

The "GNU Transport Layer Security Library" is used to dissect SSL and TLS protocols (aka: HTTPS).

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

We roll our own version using:

The "Gcrypt Library" is Low-level encryption library and provides support for many ciphers, such as DES, 3DES, AES, Blowfish, and others..

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

Part of our homemade GnuTLS package.

The Kerberos library is used to dissect Kerberos, sealed DCERPC and secureLDAP protocols.

If this library isn't already installed and also not available as a package for your platform, you can get it at: . XXX - Is it supported on *NIX at all?

You can get the latest version of KfW "Kerberos for Windows" at:

The LUA library is used to add scripting support to Wireshark.

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the latest version at:

The PortAudio library enables audio output for RTP streams.

If this library isn't already installed and also not available as a package for your platform, you can get it at: .

You can get the latest version at:

"GTK-Wimp ("Windows impersonator") is a GTK theme that blends well into the Windows desktop environment." GTK-Wimp can be used to get a native Look-and-Feel on WinXP machines, especially with the "coloured" WinXP theme. It will only take effect together with the GTK2 version of Wireshark. No changes to the Wireshark sources are needed, GTK-Wimp simply changes the way GTK2 displays the widgets (by changing the GTK2 default theme). Wimp is available at: . Since GTK version 2.8 the GTK Wimp is included in the GTK releases, so no need to download/install it seperately if these versions used.