Building Wireshark 1.4.3 for 32-bit Windows

Why bother to write a log about building Wireshark?  Because the standard build does not work.  This log describes how to work around the defects and build Wireshark with various versions of Microsoft Visual Studio.

Microsoft Visual Studio 6 cannot be used.  epan, The Ethernet Protocol Analyser, does not build under Visual Studio 6.  As far as I can tell, there’s no good reason for this.  The problems lie in the syntax of 64-bit int support.

Wireshark creates a directory, C:\wireshark-win32-libs-1.4.  This directory holds Wireshark versions of 3rd party libraries used in the build.  GeoIP is broken.

The current cygpath (part of Cygwin) is broken.  If you find it causes your build to fail, edit tools/ and change calls to cygpath --dos to cygpath --windows.

Install Cygwin. You’ll need the following packages.

  • base/tar
  • archive/unzip
  • devel/bison
  • devel/flex
  • interpreters/perl
  • utils/patch
  • web/wget

Download Python.  My version is 2.7.

Download wireshark-1.4.3.tar.bz2

Edit wireshark-1.4.3/config.nmake

  • Enable Python by removing the comment markers from the two lines PYTHON_VER and PYTHON_DIR
  • Set PYTHON_VER=27
  • Comment the line starting GEOIP_DIR
  • Note that some known broken packages are already commented out, like PCRE
  • Set the appropriate Visual Studio version with: MSVC2005, MSVC2008, MSVC2010.
  • I have confirmed that Visual Studio versions 2005, 2008 and 2010 build Wireshark.

Change directory to wireshark-1.4.3 and run:

  • nmake -f Makefile.nmake setup
  • nmake -f Makefile.nmake all
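
The config.nmake edits listed above can be scripted from the Cygwin shell so they are repeatable and leave a backup to diff against. This is an added example, not part of the original log: the variable name MSVC_VARIANT and the layout of the sample lines are assumptions (the sample file is constructed), so check them against your copy of config.nmake.

```shell
#!/bin/sh
# Usage: patch_config_nmake <path-to-config.nmake> <MSVC2005|MSVC2008|MSVC2010>
patch_config_nmake() {
    cfg=$1
    variant=$2
    # Only the Visual Studio versions confirmed in the log are accepted.
    case "$variant" in
        MSVC2005|MSVC2008|MSVC2010) ;;
        *) echo "unsupported variant: $variant" >&2; return 2 ;;
    esac
    [ -f "$cfg" ] || { echo "not found: $cfg" >&2; return 1; }
    cp "$cfg" "$cfg.orig" || return 1   # backup of the untouched file
    # 1: uncomment PYTHON_VER and set it to 27   2: uncomment PYTHON_DIR
    # 3: comment out GEOIP_DIR                   4: select the compiler
    # (MSVC_VARIANT is an assumed variable name, see the lead-in)
    sed -e 's/^#*[[:space:]]*PYTHON_VER=[0-9]*/PYTHON_VER=27/' \
        -e 's/^#[[:space:]]*\(PYTHON_DIR=\)/\1/' \
        -e 's/^GEOIP_DIR=/#&/' \
        -e "s/^MSVC_VARIANT=[A-Za-z0-9]*/MSVC_VARIANT=$variant/" \
        "$cfg.orig" > "$cfg"
}

# Constructed sample standing in for config.nmake (not the real file).
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not the real config.nmake
MSVC_VARIANT=MSVC2008
#PYTHON_VER=26
#PYTHON_DIR=C:\Python$(PYTHON_VER)
GEOIP_DIR=$(WIRESHARK_LIBS)\GeoIP-sample
#PCRE_DIR=$(WIRESHARK_LIBS)\pcre-sample
EOF
}

# Demo on the constructed file; pass wireshark-1.4.3/config.nmake for real use.
demo_dir=$(mktemp -d)
write_sample "$demo_dir/config.nmake"
patch_config_nmake "$demo_dir/config.nmake" MSVC2010
cat "$demo_dir/config.nmake"
rm -rf "$demo_dir"
```
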

~ by kbw333 on January 30, 2011.
