User Guide

Building and Installing Wireshark
Tools (additional command line tools to work with capture files):
Editcap - Editcap is a program that reads a capture file and writes some or all of the packets into another
capture file.
Text2Pcap - Text2pcap is a program that reads in an ASCII hex dump and writes the data into a
libpcap-style capture file.
Mergecap - Mergecap is a program that combines multiple saved capture files into a single output file.
Capinfos - Capinfos is a program that provides information on capture files.
Rawshark - Rawshark is a raw packet filter.
User's Guide - Local installation of the User's Guide. The Help buttons on most dialogs will require an
internet connection to show help pages if the User's Guide is not installed locally.
2.8.1.2. "Additional Tasks" page
Start Menu Shortcuts - add some start menu shortcuts.
Desktop Icon - add a Wireshark icon to the desktop.
Quick Launch Icon - add a Wireshark icon to the Explorer quick launch toolbar.
Associate file extensions to Wireshark - associate standard network trace files with Wireshark.
2.8.1.3. "Install WinPcap?" page
The Wireshark installer contains the latest released WinPcap installer.
If you don't have WinPcap installed, you won't be able to capture live network traffic, but you will still
be able to open saved capture files.
Currently installed WinPcap version - the Wireshark installer detects the currently installed WinPcap
version.
Install WinPcap x.x - if the currently installed version is older than the one which comes with the
Wireshark installer (or WinPcap is not installed at all), this will be selected by default.
Start WinPcap service "NPF" at startup - so users without administrative privileges can capture.
More WinPcap info:
Wireshark related: http://wiki.wireshark.org/WinPcap
General WinPcap info: http://www.winpcap.org
2.8.1.4. Command line options
You can simply start the Wireshark installer without any command line parameters; it will then show
the usual interactive installer.
For special cases, there are some command line parameters available:
/NCRC disables the CRC check