Update the README.
The formatting was mostly AsciiDoc-compliant. Take it the rest of the way.
Update the list of supported operating systems, along with other info.
Use HTTPS URLs. Remove README.tru64 while we're here.

Change-Id: Ibd9cac5d9f3cdcc7de9c9d7052c14e851e108cbe
Reviewed-on: https://code.wireshark.org/review/17014
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
parent
38a38abc17
commit
635f0a5c2c
|
@ -830,7 +830,6 @@ EXTRA_DIST = \
|
|||
README.hpux \
|
||||
README.linux \
|
||||
README.macos \
|
||||
README.tru64 \
|
||||
README.vmware \
|
||||
README.windows \
|
||||
abi-descriptor.template \
|
||||
|
|
103
README
103
README
|
@ -1,8 +1,8 @@
|
|||
General Information
|
||||
------- -----------
|
||||
-------------------
|
||||
|
||||
Wireshark is a network traffic analyzer, or "sniffer", for Unix and
|
||||
Unix-like operating systems. It uses GTK+, a graphical user interface
|
||||
Unix-like operating systems. It uses Qt, a graphical user interface
|
||||
library, and libpcap, a packet capture and filtering library.
|
||||
|
||||
The Wireshark distribution also comes with TShark, which is a
|
||||
|
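Review bot: The opening sentence kept as context here still describes Wireshark as an analyzer "for Unix and Unix-like operating systems", which no longer matches the platform list this commit introduces in the Installation section (Microsoft Windows is listed there and has official packages). Since the adjacent GTK+ to Qt line is being touched anyway, consider rewording the sentence in the same change, for example by dropping the Unix qualifier or naming Windows alongside it.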
@ -15,40 +15,41 @@ from the capture.
|
|||
|
||||
The official home of Wireshark is
|
||||
|
||||
http://www.wireshark.org
|
||||
https://www.wireshark.org
|
||||
|
||||
The latest distribution can be found in the subdirectory
|
||||
|
||||
http://www.wireshark.org/download
|
||||
https://www.wireshark.org/download
|
||||
|
||||
|
||||
Installation
|
||||
------------
|
||||
|
||||
Wireshark is known to compile and run on the following systems:
|
||||
The Wireshark project builds and tests regularly on the following platforms:
|
||||
|
||||
- Linux (2.0 and later kernels, various distributions)
|
||||
- Solaris (2.5.1 and later)
|
||||
- FreeBSD (2.2.5 and later)
|
||||
- NetBSD
|
||||
- OpenBSD
|
||||
- OS X (10.2 and later)
|
||||
- HP-UX (10.20, 11.00, 11.11)
|
||||
- Sequent PTX v4.4.5 (Nick Williams <njw@sequent.com>)
|
||||
- Tru64 UNIX (formerly Digital UNIX) (3.2 and later)
|
||||
- Irix (6.5)
|
||||
- AIX (4.3.2, with a bit of work)
|
||||
- Windows (2003, XP, Vista, 7)
|
||||
- Linux (Ubuntu)
|
||||
- Microsoft Windows
|
||||
- macOS / OS X
|
||||
|
||||
and possibly on other versions of those OSes. It should run on other
|
||||
Unix-ish systems without too much trouble.
|
||||
Official installation packages are available for Microsoft Windows and
|
||||
macOS.
|
||||
|
||||
If you have an older version of the operating systems listed above, it
|
||||
might be supported by an older version of Wireshark. In particular,
|
||||
Windows 2000 is supported by Wireshark 1.2.x, Windows NT 4.0 is supported by
|
||||
Wireshark 0.99.4, and Windows 95, 98, and ME are supported by Ethereal 0.99.0.
|
||||
It is available as either a standard or add-on package for many popular
|
||||
operating sytems and Linux distributions including Debian, Ubuntu, Fedora,
|
||||
CentOS, RHEL, Arch, Gentoo, openSUSE, FreeBSD, DragonFly BSD, NetBSD, and
|
||||
OpenBSD.
|
||||
|
||||
NOTE: the Makefile appears to depend on GNU "make"; it doesn't appear to
|
||||
Additionaly it is available through many third-party packaging systems
|
||||
such as pkgsrc, OpenCSW, Homebrew, and MacPorts.
|
||||
|
||||
It should run on other Unix-ish systems without too much trouble.
|
||||
|
||||
In some cases the current version of Wireshark might not support your
|
||||
operating system. This is the case for Windows XP, which is supported by
|
||||
Wireshark 1.10 and earlier. In other cases the standard package for
|
||||
Wireshark might simply be old. This is the case for Solaris and HP-UX.
|
||||
|
||||
NOTE: The Makefile depends on GNU "make"; it doesn't appear to
|
||||
work with the "make" that comes with Solaris 7 nor the BSD "make".
|
||||
|
||||
Both Perl and Python are needed, the former for building the man pages.
|
||||
|
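Review bot: Two typos appear in the new package-availability text: "operating sytems" should be "operating systems" and "Additionaly" should be "Additionally" (with a comma after it). Separately, the NOTE about GNU "make" still singles out "the "make" that comes with Solaris 7" even though Solaris is now mentioned only as a platform whose standard package is old; consider generalising that sentence to "non-GNU make implementations" so it does not age with the platform list.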
@ -61,7 +62,8 @@ version must be 2.5.1 or greater. Check this with 'flex -V'.
|
|||
You must therefore install Perl, Python, GNU "make", "flex", and either "bison"
|
||||
or Berkeley "yacc" on systems that lack them.
|
||||
|
||||
Full installation instructions can be found in the INSTALL file.
|
||||
Full installation instructions can be found in the INSTALL file and in the
|
||||
Developer's Guide at https://www.wireshark.org/docs/wsdg_html_chunked/
|
||||
|
||||
See also the appropriate README.<OS> files for OS-specific installation
|
||||
instructions.
|
||||
|
@ -136,22 +138,24 @@ Or, if your system has the "script" command installed, you can save
|
|||
a shell session, including telnet to a file. For example, to a file named
|
||||
tracefile.out:
|
||||
|
||||
----
|
||||
$ script tracefile.out
|
||||
Script started on <date/time>
|
||||
$ telnet router
|
||||
..... do your trace, then exit from the router's telnet session.
|
||||
$ exit
|
||||
Script done on <date/time>
|
||||
|
||||
|
||||
|
||||
IPv6
|
||||
----
|
||||
If your operating system includes IPv6 support, wireshark will attempt to
|
||||
use reverse name resolution capabilities when decoding IPv6 packets.
|
||||
|
||||
If you want to turn off name resolution while using wireshark, start
|
||||
wireshark with the "-n" option to turn off all name resolution (including
|
||||
|
||||
Name Resolution
|
||||
---------------
|
||||
|
||||
Wireshark will attempt to use reverse name resolution capabilities
|
||||
when decoding IPv4 and IPv6 packets.
|
||||
|
||||
If you want to turn off name resolution while using Wireshark, start
|
||||
Wireshark with the "-n" option to turn off all name resolution (including
|
||||
resolution of MAC addresses and TCP/UDP/SMTP port numbers to names), or
|
||||
with the "-N mt" option to turn off name resolution for all
|
||||
network-layer addresses (IPv4, IPv6, IPX).
|
||||
|
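Review bot: Please confirm the listing block opened by the "----" before "$ script tracefile.out" is also closed after "Script done on <date/time>". The only other "----" visible in this hunk is the one under the old "IPv6" heading, whereas the gdb example in the later hunk shows a delimiter on both sides; an unclosed block would make AsciiDoc render the "Name Resolution" section as literal text. While this paragraph is being edited, "TCP/UDP/SMTP port numbers" also looks like a slip, since SMTP is an application protocol rather than a transport with its own port space; SCTP was probably intended.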
@ -161,14 +165,10 @@ box using the Preferences item in the Edit menu, selecting "Name
|
|||
resolution", turning off the appropriate name resolution options,
|
||||
clicking "Save", and clicking "OK".
|
||||
|
||||
If you would like to compile wireshark without support for IPv6 name
|
||||
resolution, use the "--disable-ipv6" option with "./configure". If you
|
||||
compile wireshark without IPv6 name resolution, you will still be able to
|
||||
decode IPv6 packets, but you'll only see IPv6 addresses, not host names.
|
||||
|
||||
|
||||
SNMP
|
||||
----
|
||||
|
||||
Wireshark can do some basic decoding of SNMP packets; it can also use
|
||||
the libsmi library to do more sophisticated decoding, by reading MIB
|
||||
files and using the information in those files to display OIDs and
|
||||
|
@ -180,21 +180,22 @@ option.
|
|||
|
||||
How to Report a Bug
|
||||
-------------------
|
||||
Wireshark is still under constant development, so it is possible that you will
|
||||
encounter a bug while using it. Please report bugs at http://bugs.wireshark.org.
|
||||
|
||||
Wireshark is under constant development, so it is possible that you will
|
||||
encounter a bug while using it. Please report bugs at https://bugs.wireshark.org.
|
||||
Be sure you enter into the bug:
|
||||
|
||||
1) the complete build information from the "About Wireshark"
|
||||
item in the Help menu or the output of "wireshark -v" for
|
||||
Wireshark bugs and the output of "tshark -v" for TShark bugs;
|
||||
1. The complete build information from the "About Wireshark"
|
||||
item in the Help menu or the output of "wireshark -v" for
|
||||
Wireshark bugs and the output of "tshark -v" for TShark bugs;
|
||||
|
||||
2) if the bug happened on Linux, the Linux distribution you were
|
||||
using, and the version of that distribution;
|
||||
2. If the bug happened on Linux, the Linux distribution you were
|
||||
using, and the version of that distribution;
|
||||
|
||||
3) the command you used to invoke Wireshark, if you ran
|
||||
Wireshark from the command line, or TShark, if you ran
|
||||
TShark, and the sequence of operations you performed that
|
||||
caused the bug to appear.
|
||||
3. The command you used to invoke Wireshark, if you ran
|
||||
Wireshark from the command line, or TShark, if you ran
|
||||
TShark, and the sequence of operations you performed that
|
||||
caused the bug to appear.
|
||||
|
||||
If the bug is produced by a particular trace file, please be sure to
|
||||
attach to the bug a trace file along with your bug description. If the
|
||||
|
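Review bot: In the renumbered list, items 1 and 2 now begin with a capital letter but still end in ";" while item 3 ends in ".", which is the punctuation of the old run-in "1) the ..." form. Either end every item with a period or keep the items lowercase, so the list reads consistently after the lead-in "Be sure you enter into the bug:".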
@ -208,11 +209,13 @@ trace can be obtained by using your debugger ('gdb' in this example),
|
|||
the wireshark binary, and the resulting core file. Here's an example of
|
||||
how to use the gdb command 'backtrace' to do so.
|
||||
|
||||
----
|
||||
$ gdb wireshark core
|
||||
(gdb) backtrace
|
||||
..... prints the stack trace
|
||||
(gdb) quit
|
||||
$
|
||||
----
|
||||
|
||||
The core dump file may be named "wireshark.core" rather than "core" on
|
||||
some platforms (e.g., BSD systems). If you got a core dump with
|
||||
|
@ -227,5 +230,7 @@ Use at your own risk.
|
|||
|
||||
|
||||
Gerald Combs <gerald@wireshark.org>
|
||||
|
||||
Gilbert Ramirez <gram@alumni.rice.edu>
|
||||
|
||||
Guy Harris <guy@alum.mit.edu>
|
||||
|
|
49
README.tru64
49
README.tru64
|
@ -1,49 +0,0 @@
|
|||
The following instructions are applicable to Tru64 UNIX
|
||||
(formerly Digital UNIX (formerly DEC OSF/1)) version 4.0, and
|
||||
probably to later versions as well; at least some options apply to
|
||||
Digital UNIX 3.2 - perhaps all do.
|
||||
|
||||
In order to use kernel packet filtering on this system, you have
|
||||
to configure it in such a way :
|
||||
|
||||
Kernel configuration
|
||||
--------------------
|
||||
|
||||
The packet filtering kernel option must be enabled at kernel
|
||||
installation. If it was not the case, you can rebuild the kernel with
|
||||
"doconfig -c" after adding the following line in the kernel
|
||||
configuration file (/sys/conf/<HOSTNAME>):
|
||||
|
||||
option PACKETFILTER
|
||||
|
||||
or use "doconfig" without any arguments to add the packet filter driver
|
||||
option via the kernel option menu (see the system administration
|
||||
documentation for information on how to do this).
|
||||
|
||||
Device configuration
|
||||
--------------------
|
||||
|
||||
Devices used for packet filtering must be created thanks to
|
||||
the following command (executed in the /dev directory):
|
||||
|
||||
./MAKEDEV pfilt
|
||||
|
||||
Interface configuration
|
||||
-----------------------
|
||||
|
||||
In order to capture all packets on a network, you may want to allow
|
||||
applications to put the interface on that network into "local copy"
|
||||
mode, so that Wireshark can see packets sent by the host on which it's
|
||||
running as well as packets received by that host, and to put the
|
||||
interface into "promiscuous" mode, so that Wireshark can see packets on
|
||||
the network segment not sent to the host on which it's running, by using
|
||||
the pfconfig(1) command:
|
||||
|
||||
pfconfig +c +p <network_device>
|
||||
|
||||
or allow application to put any interface into "local copy" or
|
||||
"promiscuous" mode by using the command:
|
||||
|
||||
pfconfig +c +p -a
|
||||
|
||||
Note: all instructions given require root privileges.
|