466006a3db
svn path=/trunk/; revision=3282
212 lines
7.8 KiB
Text
212 lines
7.8 KiB
Text
$Id: README.win32,v 1.23 2001/04/10 12:29:22 gram Exp $
|
|
|
|
Installing Ethereal, Tethereal, and Editcap on Win32
|
|
====================================================
|
|
These are the instructions for installing Ethereal
|
|
from the installation executable that is provided on
|
|
the Ethereal website and any of its mirrors.
|
|
|
|
The installation package allows you to install:
|
|
|
|
o Ethereal - the GUI version
|
|
o Tethereal - the console, line-mode version
|
|
o Editcap - a console, line-mode utility to convert
|
|
capture files from one format to another.
|
|
(The same functions are available in Ethereal)
|
|
|
|
Additionally, the installation package contains a "plugins"
|
|
option, which installs the Gryphon and MGCP dissector plugins
|
|
for use with Ethereal and Tethereal.
|
|
|
|
The "Debug PDB Files" are useful to install if you are experiencing
|
|
a crash when running and Ethereal. Dr. Watson or your debugger
|
|
can use the information in these files to provide useful information
|
|
to the Ethereal developers that will help them pinpoint the problem.
|
|
However, for general usage of Ethereal, these files are not
|
|
necessary. In the future, we may package them separately from
|
|
Ethereal.
|
|
|
|
In the past, two versions of Ethereal binaries were published -- a
|
|
version that could capture packets and a version which could not.
|
|
The latter is useful if you're only reading files produced by
|
|
another product (e.g., a sniffer, firewall, or intrustion detection system)
|
|
and did not wish to install WinPcap, the library Ethereal uses
|
|
to capture packets on Win32 platforms.
|
|
|
|
Now that WinPcap 2.1 has been released as a DLL, Ethereal can
|
|
detect its presence at run time. Thus, only one version of
|
|
the Ethereal binaries need to be shipped.
|
|
|
|
If you don't want to capture packets, just install the Ethereal
|
|
package. If you do want to capture packets, install Ethereal *and*
|
|
install WinPcap 2.1, available from:
|
|
|
|
http://netgroup-serv.polito.it/winpcap/
|
|
|
|
If you already have WinPcap 2.0 installed, you need to un-install
|
|
it and install WinPcap 2.1. If you use other applications
|
|
that use WinPcap 2.0, you will have to decide which applications
|
|
to keep, since WinPcap 2.0 and WinPcap 2.1 cannot be installed
|
|
on the same system at the same time.
|
|
|
|
If Ethereal is not capturing packets and you have WinPcap installed,
|
|
you can test your WinPcap installation by installing WinDump
|
|
(TCPdump for Windows) ported by the same folks who make WinPcap. It's at:
|
|
|
|
http://netgroup-serv.polito.it/windump/
|
|
|
|
They also make Analyzer, a GUI sniffer for Win32:
|
|
|
|
http://netgroup-serv.polito.it/analyzer/
|
|
|
|
The rest of this documentation is only interesting if
|
|
you want to compile Ethereal yourself.
|
|
|
|
|
|
Running Ethereal, Tethereal, and Editcap on Win32
|
|
=================================================
|
|
You need the glib and gtk libraries for running Ethereal.
|
|
|
|
These packages for win32 can be found at:
|
|
|
|
http://www.ethereal.com/distribution/win32
|
|
|
|
and at the home page for the GTK+ for Win32 project:
|
|
|
|
http://www.gimp.org/~tml/gimp/win32
|
|
|
|
or
|
|
http://www.iki.fi/tml/gimp/win32/
|
|
|
|
(the mirror nearer to you may be faster).
|
|
|
|
Plugins (gryphon.dll and mgcp.dll) can go in:
|
|
C:\Program Files\Ethereal\plugins\<version>
|
|
C:\Ethereal\plugins\<version>
|
|
|
|
Where <version> is the version number, without brackets.
|
|
For example, C:\Ethereal\plugins\0.8.16
|
|
|
|
Yes, the location of plugins needs to be more flexible.
|
|
|
|
Make sure the glib and gtk DLL's are in your path - i.e., that your path
|
|
includes the directory (folder) or directories (folders) in which those
|
|
DLLs are found - when you run Ethereal. This includes gtk-*.dll,
|
|
glib-*.dll, gmodule-*.dll, gdk-*.dll, gnu-intl.dll, and iconv-*.dll.
|
|
As of the 20000805 GTK+/GLIB distribution, gthread-*.dll is no longer needed.
|
|
|
|
The Win32 Binary distribution, available from
|
|
|
|
http://www.ethereal.com/distribution/win32
|
|
|
|
used different version of the GTK+/GLIB libraries at different points
|
|
in time:
|
|
|
|
Ethereal Version GTK+/GLIB version
|
|
---------------- -----------------
|
|
0.8.16 and after 20001226
|
|
0.8.11 - 0.8.15 20000805
|
|
0.8.9 - 0.8.10 20000416
|
|
0.8.8 and before 19990828
|
|
|
|
|
|
Capturing Packets
|
|
-----------------
|
|
In order to capture with Win32, you need to install the NDIS
|
|
packet capture driver for your particular Win32 OS; drivers for Windows
|
|
9x, Windows NT 4.0, and Windows 2000 can be downloaded from the
|
|
WinPcap home page:
|
|
|
|
http://netgroup-serv.polito.it/winpcap/
|
|
|
|
|
|
Compiling the Ethereal distribution from source
|
|
===============================================
|
|
You'll need the development package for GLIB, GTK+, and WinPcap.
|
|
Those versions are available from the respctive home pages for
|
|
each project (the same URLs as listed above). The development
|
|
packages contain header files and stub libaries to link against.
|
|
|
|
The use of an SNMP library has not been made to work yet in
|
|
Ethereal/Win32, but a binary distribution of the UCD SNMP package,
|
|
including header files and a DLL of the UCD SNMP library, can be had
|
|
from:
|
|
|
|
ftp://ftp.revelstone.com/snmp/binaries/
|
|
|
|
The file will probably be called "ucd-snmp-X.X-x86-win32.zip", where
|
|
"X.X" is the version number of the UCD SNMP library.
|
|
|
|
Instructions for MS Visual C
|
|
----------------------------
|
|
Modify the config.nmake file in the top directory of the Ethereal
|
|
source tree to work for your local configuration. You should not
|
|
have to modify any other Makefile.
|
|
|
|
In order to compile, at least with the default settings, you
|
|
also need zlib, which is provided as an archive library, not
|
|
a DLL. The pre-compiled zlib which comes with the "extralibs"
|
|
package from Gimp/Win32 is faulty; a working version can be
|
|
downloaded from:
|
|
|
|
http://www.ethereal.com/distribution/win32/zlib-1.1.3-fixed.zip
|
|
|
|
Be sure that your command-line environment is set up to compile
|
|
and link with MSVC. When installing MSVC, you can have your
|
|
system's environment set up to always allow compiling from the
|
|
command line, or you can invoke the vcvars32.bat script.
|
|
|
|
In the ethereal directory, type "nmake -f makefile.nmake". It will
|
|
recurse into the subdirectories as appropriate.
|
|
|
|
Some generated source is created by traditionally "Unix-ish" tools.
|
|
If you are building from an official distribution, these files are
|
|
already generated, so you have nothing to worry about unless you
|
|
modify the source. If building from a CVS image, you'll need the tools
|
|
to generate C source. The "special" files and their requisite tools are:
|
|
|
|
Source Output Tool
|
|
------ ------ ----
|
|
config.h.in config.h sed
|
|
dfilter-scanner.l *.c Flex
|
|
wiretap/ascend-scanner.l *.c Flex
|
|
wiretap/ascend-grammar.y *.c,*.h Bison/Yacc
|
|
ncp2222.py packet-ncp2222.c Python
|
|
|
|
make-reg-dotc, packet*.c register.c Bash + grep + sed
|
|
or
|
|
make-reg-dotc.py, packet*.c register.c Python
|
|
|
|
The Makefile.nmake supplied with the Ethereal distribution will
|
|
attempt to make register.c with Python, since it is much much much
|
|
faster than the shell version. The reason it is faster is because
|
|
the shell version launches multiple processes (grep, sed) for each
|
|
source file, multiple times. The Python script is one process. This
|
|
matters a lot on Win32. If for some reason you want to build register.c
|
|
with the shell script, uncomment out the action line for the register.c
|
|
target in Makefile.nmake.
|
|
|
|
If you have a Unix system handy, you can first build on Unix
|
|
to create the source files that these tools make, then run the build
|
|
on Windows. That will avoid the need for these tools on your Windows
|
|
computer.
|
|
|
|
If you don't have a Unix system handy, most of those tools are available for
|
|
Win32 systems as part of the Cygwin package:
|
|
|
|
http://sourceware.cygnus.com/cygwin/
|
|
|
|
After installing them, you will probably have to modify the config.nmake
|
|
file to specify where the Cygwin binaries are installed.
|
|
|
|
Python for Win32 is available from
|
|
|
|
http://www.python.org/
|
|
|
|
|
|
Instructions for Cygwin
|
|
-----------------------
|
|
No one has ever compiled Ethereal entirely with Cygwin. It should not
|
|
be difficult, however. This spot is reserved for your instructions on
|
|
how to compile Ethereal with Cygwin.
|