内容简介:Wireshark源码安装
通过 apt-get 获得的Wireshark与最新版相比,总是有一些落后的。通过编译源代码安装,则总是能够最及时的尝试Wireshark最新的功能。本文就来与大家分享,通过源码安装Wireshark的过程。
编译安装Wireshark
首先在Wireshark官网下载最新的源码包, 地址 。
当前最新版是2.2.1。下载Wireshark:
wget https://2.na.dl.wireshark.org/src/wireshark-2.2.1.tar.bz2
配置、编译并安装:
$ tar xvf wireshark-2.2.1.tar.bz2 $ cd wireshark-2.2.1 $ ./configure --enable-wireshark --enable-dumpcap --enable-tfshark --with-gnutls --with-gcrypt=yes $ make $ sudo make install
还可以通过 ./configure --help
了解诶Wireshark的更多编译配置选项:
$ ./configure --help `configure' configures Wireshark 2.2.1 to adapt to many kinds of systems. Usage: ./configure [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this helpandexit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version informationandexit -q, --quiet, --silentdonotprint`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for `--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or `..'] Installation directories: --prefix=PREFIX install architecture-independent filesinPREFIX [/usr/local] --exec-prefix=EPREFIX install architecture-dependent filesinEPREFIX [PREFIX] By default, `make install' will install all the files in `/usr/local/bin', `/usr/local/lib' etc. You can specify an installation prefix other than `/usr/local' using `--prefix', for instance `--prefix=$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header filesfornon-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/wireshark] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] Program names: --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names System types: --build=BUILD configureforbuilding on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] --target=TARGET configureforbuilding compilersforTARGET [HOST] Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATUREdonotincludeFEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG]includeFEATURE [ARG=yes] --enable-silent-rules less verbose build output (undo:"make V=1") --disable-silent-rules verbose build output (undo:"make V=0") --enable-static[=PKGS] build static libraries [default=no] --enable-shared[=PKGS] build shared libraries [default=yes] --enable-fast-install[=PKGS] optimize for fast installation [default=yes] --enable-dependency-tracking do not reject slow dependency extractors --disable-dependency-tracking speeds up one-time build --disable-libtool-lock avoid locking (mightbreakparallel builds) --enable-osx-deploy-target choose an OS X deployment target [default=major release on which you're building] --disable-largefile omit supportforlarge files --enable-extra-compiler-warnings do additional compiler warnings [default=no] --enable-asan Enable AddressSanitizer (ASAN)fordebugging (degrades performance)[default=no] --enable-checkhf-conflict Enable hf conflict check for debugging (start-up may be slower)[default=no] --enable-warnings-as-errors treat warnings as errors (only for GCC or clang) [default=no] --enable-wireshark build the Wireshark GUI (with Gtk+, Qt,orboth) [default=yes] --enable-packet-editor add supportforpacket editorinWireshark [default=yes] --enable-profile-build build profile-ready binaries [default=no] --enable-tshark build tshark [default=yes] --enable-editcap build editcap [default=yes] --enable-capinfos build capinfos [default=yes] --enable-captype build captype [default=yes] --enable-mergecap build mergecap [default=yes] --enable-reordercap build reordercap [default=yes] --enable-text2pcap build text2pcap [default=yes] --enable-dftest build dftest [default=yes] --enable-randpkt build randpkt [default=yes] --enable-dumpcap build dumpcap [default=yes] --enable-rawshark build rawshark [default=yes] --enable-echld support echld (Experimental) [default=no] --enable-tfshark build tfshark (Experimental) [default=no] --enable-pcap-ng-default use the pcap-ng file format by default instead of pcap [default=yes] --enable-setcap-install install dumpcap with cap_net_adminandcap_net_raw [default=no] --enable-setuid-install install dumpcap as setuid [default=no] --enable-androiddump build androiddump [default=yes] --enable-androiddump-use-libpcap build androiddump using libpcap [default=no] --enable-sshdump build sshdump [default=yes] --enable-ciscodump build ciscodump [default=yes] --enable-randpktdump build randpktdump [default=yes] Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGEdonotuse PACKAGE (same as --with-PACKAGE=no) --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-aix-soname=aix|svr4|both shared library versioning (aka "SONAME") variant to provide on AIX, [default=aix]. --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-sysroot[=DIR] Searchfordependent libraries within DIR (orthe compiler's sysroot if not specified). --with-qt=[yes/no/4/5] use Qt [default=yes,ifavailable] --with-gtk=[yes/no/2/3] use GTK+ [default=yes,ifavailable] --with-gnutls=[yes/no] use GnuTLS library [default=yes,ifavailable] --with-gcrypt=[yes/no] use gcrypt library [default=yes,ifavailable] --with-libgcrypt-prefix=PFX prefix where LIBGCRYPT is installed (optional) --with-libnl[=VERSION] use libnl (force version VERSION,ifsupplied) [default: yes, if available] --with-libsmi=[DIR] use libsmi MIB/PIB library [default=yes], optionally specify the prefix for libsmi --with-osx-integration use OS X integration functions [default=yes,if available] --with-pcap[=DIR] use libpcapforpacket capturing [default=yes] --with-pcap-remote use libpcap remote capturing (requires libpcap) --with-zlib[=DIR] use zlib (locatedindirectory DIR,ifsupplied)for gzip compression and decompression [default=yes, if available] --with-lua[=DIR] use liblua (locatedindirectory DIR,ifsupplied) for the Lua scripting plugin [default=yes, if available] --with-portaudio[=DIR] use libportaudio (locatedindirectory DIR,if supplied) for the GTK+ RTP player [default=yes, if available] --with-dumpcap-group=GROUP restrict dumpcap to GROUP --with-libcap[=DIR] use libcap (locatedindirectory DIR,ifsupplied) for POSIX.1e capabilities management [default=yes, if present]
一切都很顺利。
权限问题的解决
通过在命令行中输入 wireshark-gtk
,可以执行我们刚刚安装的Wireshark。然而当我们选中一个网卡,想要启动抓包时,则获得了如下的报错:
错误提示说缺乏足够的权限。在命令行中执行 tshark
时同样报错:
$ tshark Running as user "hanpfei0306" and group "hanpfei0306". Capturing on 'wlp3s0' tshark: The capture session could not be initiated on interface 'wlp3s0' (You don't have permission to capture on that device). Please check to make sure you have sufficient permissions, and that you have the proper interface or pipe specified. 0 packets captured
在网上找到了如下的解决方法:
1.添加wireshark用户组
$ sudo groupadd wireshark
2.将dumpcap更改为wireshark用户组
$ sudo chgrp wireshark /usr/bin/dumpcap
3.让wireshark用户组有root权限使用dumpcap
$ sudo chmod 4755 /usr/bin/dumpcap
4.将需要使用的用户名加入wireshark用户组,我的用户名是craftor
$ sudo gpasswd -a hanpfei0306 wireshark
然而这根本不起作用。
突然想到,命令中执行的 tshark 和 wireshark-gtk 所用的dumpcap 是否不是 /usr/bin/dumpcap
呢?查找系统所有名字中包含dumpcap的文件:
$ locate dumpcap /usr/bin/dumpcap /usr/local/bin/dumpcap /usr/local/share/man/man1/dumpcap.1 /usr/local/share/wireshark/dumpcap.html /usr/share/man/man1/dumpcap.1.gz /usr/share/wireshark/dumpcap.html
还真是找到了多个 dumpcap
可执行文件。
我们针对 /usr/local/bin/dumpcap
执行上面类似的步骤:
$ sudo chgrp wireshark /usr/local/bin/dumpcap $ sudo chmod u+s /usr/local/bin/dumpcap
再次在命令中执行tshark:
$ tshark Running as user "hanpfei0306" and group "hanpfei0306". Capturing on 'wlp3s0' 1 0.000000000 fe80::71ee:909:10db:13ec → ff02::fb MDNS 180 Standard query 0x0000 PTR _ftp._tcp.local, "QM" question PTR _nfs._tcp.local, "QM" question PTR _afpovertcp._tcp.local, "QM" question PTR _smb._tcp.local, "QM" question PTR _sftp-ssh._tcp.local, "QM" question PTR _webdavs._tcp.local, "QM" question PTR _webdav._tcp.local, "QM" question 2 0.000054449 10.242.119.221 → 224.0.0.251 MDNS 160 Standard query 0x0000 PTR _ftp._tcp.local, "QM" question PTR _nfs._tcp.local, "QM" question PTR _afpovertcp._tcp.local, "QM" question PTR _smb._tcp.local, "QM" question PTR _sftp-ssh._tcp.local, "QM" question PTR _webdavs._tcp.local, "QM" question PTR _webdav._tcp.local, "QM" question 3 3.193236858 10.242.119.221 → 61.91.161.217 TCP 66 34736→443 [ACK] Seq=1 Ack=1 Win=350 Len=0 TSval=40947011 TSecr=317612596 4 3.345237101 10.242.119.221 → 61.91.161.217 TCP 66 34752→443 [ACK] Seq=1 Ack=1 Win=368 Len=0 TSval=40947049 TSecr=317612749 5 3.654180454 61.91.161.217 → 10.242.119.221 TCP 66 [TCP ACKed unseen segment] 443→34736 [ACK] Seq=1 Ack=2 Win=243 Len=0 TSval=317658055 TSecr=40912897 6 3.713688791 61.91.161.217 → 10.242.119.221 TCP 66 [TCP ACKed unseen segment] 443→34752 [ACK] Seq=1 Ack=2 Win=334 Len=0 TSval=317658110 TSecr=40924362
OK了。
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:- 源码安装配置 Nginx 记录
- memcached--------基于centos6源码安装
- mysql5.6.8源码安装过程
- centos6.5 go 源码安装
- kubernetes 1.12.0版本,源码编译安装
- CentOS源码安装、配置Nagios(core)+Plugins
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
Algorithms
Robert Sedgewick、Kevin Wayne / Addison-Wesley Professional / 2011-3-19 / USD 89.99
Essential Information about Algorithms and Data Structures A Classic Reference The latest version of Sedgewick,s best-selling series, reflecting an indispensable body of knowledge developed over the ......一起来看看 《Algorithms》 这本书的介绍吧!