Preface
The Wireshark version shipped with the system is too old: when analysing captures of newer protocol types, some fields are not recognised. If you do not use the bundled Wireshark, you have to capture with tcpdump by hand and open the file in Wireshark on Windows, which has one drawback: packet transmission cannot be analysed in real time. Hence the need to build the latest Wireshark from source on Linux, so that new protocol stacks can be analysed live.
Build guide
Note: the guide below uses CentOS 8 as the example.
Install dependency packages

```sh
# yum package manager
yum install cmake flex bison libtool perl qt5-qtbase-devel qt5-linguist qt5-qtmultimedia-devel qt5-qtsvg-devel automake libuv glib2-devel zlib-devel c-ares-devel libssh-devel systemd-devel gnutls-devel lz4-devel readline-devel libnl3-devel libtiff-devel libjpeg-devel libjpeg-turbo-devel libxml2-devel libcap-devel rubygems-devel bzip2-devel
# gem package manager
gem install asciidoctor
```
Build and install dependency: help2man

```sh
# Reference download URL
http://mirrors.ustc.edu.cn/gnu/help2man/help2man-1.43.3.tar.gz
# After extracting, build:
./configure
make
make install
```
Build and install dependency: makeinfo (texinfo)

```sh
# Reference download URL
http://ftp.gnu.org/gnu/texinfo/texinfo-6.7.tar.xz
# After extracting, build:
./configure
make
make install
```
Build and install dependency: libgpg-error

```sh
# Reference download URL
ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-error-1.37.tar.bz2
# After extracting, build:
./configure --prefix=/usr
make
make install && install -v -m644 -D README /usr/share/doc/libgpg-error-1.37/README
```
Build and install dependency: gcrypt

```sh
# Reference download URL
wget ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.8.5.tar.bz2
# After extracting, build:
./configure --prefix=/usr
make
make -C doc html &&
makeinfo --html --no-split -o doc/gcrypt_nochunks.html doc/gcrypt.texi &&
makeinfo --plaintext -o doc/gcrypt.txt doc/gcrypt.texi
make install &&
install -v -dm755 /usr/share/doc/libgcrypt-1.8.5 &&
install -v -m644 README doc/{README.apichanges,fips*,libgcrypt*} \
    /usr/share/doc/libgcrypt-1.8.5 &&
install -v -dm755 /usr/share/doc/libgcrypt-1.8.5/html &&
install -v -m644 doc/gcrypt.html/* \
    /usr/share/doc/libgcrypt-1.8.5/html &&
install -v -m644 doc/gcrypt_nochunks.html \
    /usr/share/doc/libgcrypt-1.8.5 &&
install -v -m644 doc/gcrypt.{txt,texi} \
    /usr/share/doc/libgcrypt-1.8.5
```
Build and install dependency: libpcap (mandatory; without it Wireshark cannot capture)

```sh
# Reference download URL
https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz
# After extracting, build:
./configure
make
make install
```
Build and install dependency: libmaxminddb

```sh
# Reference download URL
https://github.com/maxmind/libmaxminddb/releases/download/1.6.0/libmaxminddb-1.6.0.tar.gz
# After extracting, build:
./configure
make
make check
make install
ldconfig
```
Build and install dependency: libsmi

```sh
# Reference download URL
https://www.ibr.cs.tu-bs.de/projects/libsmi/download/libsmi-0.5.0.tar.gz
# After extracting, build:
./configure
make
make check
make install
```
Build and install dependency: zlib-1.2.11 (includes minizip)

```sh
# Reference download URL
https://www.zlib.net/zlib-1.3.1.tar.gz
# After extracting, build:
# Edit configure: at line 185 add -fPIC to the cflags
./configure
make
make install
```

Optional package: minizip. It can be skipped; it does not affect Wireshark's basic functionality and is of little use.

1. Enter the minizip folder zlib/contrib/minizip.
2. Edit the Makefile there and add the following: append -fPIC to CFLAGS, then

```make
LIB_OBJS = unzip.o minizip.o zip.o ioapi.o ../../libz.a
libminizip.a: $(LIB_OBJS)
	ar rcs libminizip.a $(LIB_OBJS)
```

3. Install the library by hand: copy the header files under minizip to /usr/local/include/minizip, and copy the library built under minizip to /usr/local/lib64.
Build and install dependency: brotli-1.0.9

```sh
# Reference download URL
https://github.com/google/brotli/archive/refs/tags/v1.0.9.tar.gz
# After extracting, build:
mkdir out && cd out
../configure-cmake
make
make test
make install
```
Build and install dependency: snappy-1.1.8

```sh
# Reference download URL
https://github.com/google/snappy/archive/refs/tags/1.1.8.tar.gz
# After extracting, build:
mkdir build
cd build
cmake -DBUILD_SHARED_LIBS=true -DSNAPPY_BUILD_TESTS=0 ../ && make
make install
```
Build and install dependency: zstd

```sh
# Reference download URL
https://github.com/facebook/zstd/releases/download/v1.5.6/zstd-1.5.6.tar.gz
# After extracting, build:
make
make install
```
Build and install dependency: nghttp2

```sh
# Reference download URL
https://github.com/nghttp2/nghttp2/releases/download/v1.62.1/nghttp2-1.62.1.tar.gz
# After extracting, build:
cd nghttp2-X.Y.Z
./configure
make
make install
```
Build and install dependency: lua-5.2 (do not use the latest version; this version is recommended)

```sh
# Reference download URL
https://www.lua.org/ftp/lua-5.2.0.tar.gz
# After extracting, build:
vim /home/wireshark/lua-5.2.4/src/Makefile
# Add the -fPIC compile flag, otherwise linking the library into Wireshark fails
make linux
make install
```
Build and install dependency: libsndfile

```sh
# Reference download URL
https://github.com/libsndfile/libsndfile/archive/refs/tags/1.2.2.tar.gz
# After extracting, build:
./configure --enable-werror
make
make check
make install
```
Build and install dependency: sbc

```sh
# Reference download URL
https://www.kernel.org/pub/linux/bluetooth/sbc-2.0.tar.xz
# After extracting, build:
export PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig
./bootstrap
./configure --prefix=/usr
make
make install
```
Build and install dependency: spandsp

```sh
# Reference download URL
https://www.soft-switch.org/downloads/spandsp/spandsp-0.0.6.tar.gz
# After extracting, build:
rm -rf config
./bootstrap
./configure
make
make install
```
Build and install dependency: bcg729

```sh
# Reference download URL
https://gitlab.linphone.org/BC/public/bcg729/-/archive/1.1.1/bcg729-1.1.1.tar.gz
# After extracting, build:
cmake . -DCMAKE_INSTALL_PREFIX=/usr
make
make install
```
Build and install dependency: libilbc-2.0.2 (do not use the latest version)

```sh
# Reference download URL
https://github.com/TimothyGu/libilbc/releases/download/v2.0.2/libilbc-2.0.2.tar.gz
# After extracting, build:
mkdir build
cd build
cmake ../
make
make install
```
Build and install dependency: opus-1.1.2

```sh
# Reference download URL
https://github.com/xiph/opus/archive/refs/tags/v1.1.2.tar.gz
# After extracting, build:
./configure
make
make install
```
Build and install dependency: doxygen-1.9.2

```sh
# Reference download URL
https://github.com/doxygen/doxygen/archive/refs/tags/Release_1_9_2.tar.gz
# After extracting, build:
mkdir build
cd build
cmake -G "Unix Makefiles" ..
make
make install
```
Build and install dependency: speexdsp-1.2.1

```sh
# Reference download URL
http://downloads.xiph.org/releases/speex/speexdsp-1.2.1.tar.gz
# After extracting, build:
./autogen.sh
./configure --prefix=/usr
make
make install
```
Build and install dependency: krb5-1.19.2

```sh
# Reference download URL
https://kerberos.org/dist/krb5/1.19/krb5-1.19.2.tar.gz
# After extracting, build:
cd /u1/krb5-VERSION/src
./configure
make
make install
```
Build Wireshark

```sh
# Reference download URL
https://2.na.dl.wireshark.org/src/wireshark-4.0.15.tar.xz
# After extracting, build:
mkdir dir
cd dir
cmake .. -DCMAKE_INSTALL_PREFIX=/home/wireshark-4.0.15
make -j8    # the number after -j should be about twice the core count
make install
```

Note: the install step is essential. It sets up the runtime environment and the loading of plugins; if it is skipped, some protocol dissectors will misbehave.
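The dependency steps above all repeat the same download, extract, configure, make, make install pattern, and the final note stresses that the build must actually link the right libraries (libpcap for capture, Lua 5.2 for plugins, Gcrypt and Kerberos for decryption). The script below is an added example and not part of the original post or of the Wireshark project: it wraps that pattern in a helper that checks a SHA-256 digest before extracting anything fetched over plain ftp/http, and adds a check that parses the `tshark -v` banner for the compile-time features this guide depends on. The install prefix `/home/wireshark-4.0.15` comes from the post; `EXPECTED_LIBPCAP_SHA256` is a placeholder you must fill from the release page, the banners used for the self-check are constructed samples, and the actual build only runs when `RUN_BUILD=1` is set.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes the prefix used there.
PREFIX=${WIRESHARK_PREFIX:-/home/wireshark-4.0.15}

# Compare a downloaded tarball against an expected SHA-256 digest.
# Returns 0 when the digest matches, 1 otherwise.
verify_sha256() {
  file=$1; expected=$2
  actual=$(sha256sum "$file" | cut -d' ' -f1)
  [ "$actual" = "$expected" ]
}

# Fetch, verify, extract and build one autotools-style dependency.
# Usage: build_dep <url> <sha256> [configure args...]
build_dep() {
  url=$1; sha=$2; shift 2
  tarball=${url##*/}
  [ -f "$tarball" ] || curl -fsSLO "$url"
  verify_sha256 "$tarball" "$sha" || {
    echo "checksum mismatch for $tarball, not extracting" >&2
    return 1
  }
  # GNU tar detects .gz/.xz/.bz2; the top-level directory name comes from the archive
  dir=$(tar -tf "$tarball" | head -1 | cut -d/ -f1)
  tar -xf "$tarball"
  (cd "$dir" && ./configure "$@" && make && make install)
}

# Scan a tshark version banner for the compile-time features the guide needs.
# $1 is the banner text. Prints the missing features and returns 1 if any are absent.
# Note: "without Lua" does not contain the substring "with Lua", so the match is safe.
check_features() {
  banner=$1
  missing=""
  for feat in "with libpcap" "with Lua" "with Gcrypt" "with GnuTLS" "with zlib" "with Kerberos"; do
    case "$banner" in
      *"$feat"*) ;;
      *) missing="$missing '$feat'" ;;
    esac
  done
  [ -z "$missing" ] || { echo "missing:$missing"; return 1; }
}

# Constructed sample banners in the layout tshark -v prints (not real output).
GOOD_BANNER='TShark (Wireshark) 4.0.15 (constructed sample)
Compiled (64-bit) using GCC, with GLib, with zlib 1.3.1, with Lua 5.2.4, with GnuTLS 3.6.16, with Gcrypt 1.8.5, with Kerberos (MIT), with MaxMind, with nghttp2 1.62.1, with brotli, with Zstandard, with Snappy, with libsmi 0.5.0.
Running on Linux, with libpcap version 1.9.1, with GnuTLS 3.6.16, with Gcrypt 1.8.5, with zlib 1.3.1.'

# Same layout, but built without libpcap and without Lua: capture and plugins would fail.
BAD_BANNER='TShark (Wireshark) 4.0.15 (constructed sample)
Compiled (64-bit) using GCC, with GLib, with zlib 1.3.1, without Lua, with GnuTLS 3.6.16, with Gcrypt 1.8.5, with Kerberos (MIT), without libpcap.
Running on Linux, with GnuTLS 3.6.16, with Gcrypt 1.8.5, with zlib 1.3.1.'

if [ "${RUN_BUILD:-0}" = 1 ]; then
  # EXPECTED_LIBPCAP_SHA256 is a placeholder: take the digest from the release page.
  build_dep https://www.tcpdump.org/release/libpcap-1.9.1.tar.gz "${EXPECTED_LIBPCAP_SHA256:?set from release page}"
  # After "make install" of Wireshark itself, confirm the binary picked up the libraries.
  check_features "$("$PREFIX/bin/tshark" -v)" && echo "tshark has all required features"
fi
```

Run the feature check against the real banner with `check_features "$(/home/wireshark-4.0.15/bin/tshark -v)"` once the install step has completed; a "missing: 'with libpcap'" result is the symptom the guide warns about when libpcap was not built before Wireshark, and "missing: 'with Lua'" points at the -fPIC/Lua 5.2 step.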