How To Compile Wireshark

Let’s allow your protocol to be recognized in Wireshark

Sewio provides Wireshark Protocol Dissector Development Service.

We will create protocol dissector according to your specific needs as a plugin or as native part of Wireshark. Normally, you would need to develop your own protocol dissector quite rarely, so learning the dissector development from the scratch might be not very efficient way. Let’s put this development to our hands and gain from our expertise.

This tutorial describes, how to compile Wireshark on the Windows operation system. We used Windows 7 32-bit operation system. All information below are obtained from Wireshark Developer’s Guide and from README files.

We use full version of the Microsoft Visual Studio 2010. There is also free alternative Visual C++ 2010 Express Edition. For more information please follow this link. The Visual studio should be 2010 or greater.

Download Cygwin from this page. Run Cygwin setup and at the “Select Packages” page, you’ll need to select some additional packages which are not installed by default. Navigate to the required Category/Package row and, if the package has a “Skip” item in the “New” column, click on the “Skip” item so it shows a version number for:

• Archive/unzip
• Archive/zip
• Devel/bison
• Devel/flex
• Interpreters/perl
• Utils/patch
• Web/wget

Get the Python installer from here and install it into default location.

TortoiseSVN is a native Windows graphical Subversion client for Windows. You can download it from tortoisesvn.net .

• Open Windows Explorer and right click on drive C:\
• In context menu select “SVN checkout“.
• URL of repository: “ http://anonsvn.wireshark.org/wireshark/trunk/“
• Checkout directory: C:\wireshark
• TortoiseSVN might ask you to create this directory – say YES
• TortoiseSVN starts downloading the sources

After the download is complete let’s edit config.nmake located in C:\wireshark\config.nmake. We need to edit some definitions (Use CTRL+F for find them out ):

• VERSION_EXTRA Give Wireshark your “private” version info, e.g.: -myprotocol123 – to distinguish it from an official release!
• MSVC_VARIANT Make sure the variant for your compiler is uncommented, and that all others are commented out. In my case, i used Microsoft Visual Studio 2010, so i uncomment this line: MSVC_VARIANT=MSVC2010 and comment all the others (use #). This is in my file:
  # “Microsoft Visual C++ 2008 Express Edition”
  # Visual C++ 9.0, _MSC_VER 1500, msvcr90.dll
  #MSVC_VARIANT=MSVC2008EE# “Microsoft Visual Studio 2010”
  # Visual C++ 10.0, _MSC_VER 1600, msvcr100.dll
  MSVC_VARIANT=MSVC2010# “Microsoft Visual C++ 2010 Express Edition”
  # Visual C++ 10.0, _MSC_VER 1600, msvcr100.dll
  #MSVC_VARIANT=MSVC2010EE

• Run command line as Administrator.
• Than you create a little win script (e.g. “prepare.bat”) and save it to C:\wireshark.
• Here is the script code:
  @echo off
  echo Adding things to the path…
  set PATH=%PATH%;.
  set PATH=%PATH%;c:\cygwin\binecho Setting up Visual Studio environment…
  call “c:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat”set WIRESHARK_TARGET_PLATFORM=win32
  title Command Prompt (VC 2010)
• line call c:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat depends on version compiler and exact location of vcvarsall.bat.For more information which file belong to your compiler, follow this link
• line with set WIRESHARK_TARGET_PLATFORM=win32 execute 32-bit binaries for target platform. For 64-bit binaries use set WIRESHARK_TARGET_PLATFORM=win64
• Here is table for some cases of operation system and target platform:
  

  Your processor architecture	Target architecture	Value of WIRESHARK_TARGET_PLATFORM	vcvarsall.bat argument
  x86, x64	x86	win32	”x86? (default)
  x86, x64	x64	win64	”x86_amd64?
  x64	x64	win64	”amd64?

• example of code for 32-bit operation system and for 64-bit target platform:
  set WIRESHARK_TARGET_PLATFORM=win64
  call “c:\Program Files\Microsoft Visual Studio 10.0\VC\vcvarsall.bat” x86_amd64
• run prepared script.

• in the prepared command line, enter following command nmake -f Makefile.nmake verify_tools
  output should looks like this:

• Type this to command line nmake -f Makefile.nmake setup. It downloads libraries using wget and installs them. This may take a while.
• If you want in future compile Wireshark to 32-bit platform or 64-bit platform, go to Step 6 and change WIRESHARK_TARGET_PLATFORM. Next you should Install Libraries again and continue from this step.

• You must distclean your sources before building. This step you should do every time before Wireshark compilation takes place.
• nmake -f Makefile.nmake distclean is for cleanup the Wireshark sources

• Let’s create an another little script, just two lines. Named it for example run_script.bat and save it to C:\wireshark.
  nmake -f Makefile.nmake distclean
  nmake -f Makefile.nmake all
• After you run this script, you might need to wait for a while (approximately 10 minutes).
• When this process is finished, you may find the Wireshark executable in C:\wireshark\wireshark-gtk2\wireshark.exe.

• Download NSIS and install
• You may check the MAKENSIS setting in the file config.nmake of the Wireshark sources. Note that the 32-bit version of NSIS will work for both 32-bit and 64-bit versions of Wireshark
• Download Runtime redistributable:
  • For 32-bit target OS. Download vcredist_x86.exe and copy it into C:\wireshark-win32-libs.
  • For 64-bit target OS. Download vcredist_x64.exe and copy it into C:\wireshark-win64-libs.
• If you’ve closed command line, prepare cmd.exe from Step 6
• Type this code nmake -f Makefile.nmake packaging for build Wireshark installer
• In this folder C:\wireshark\packaging\nsis\ you should find wireshark<your version>.exe