Ethereal-dev: [Ethereal-dev] step by step

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Owen McGonagle <angusisgodyoung@xxxxxxxxx>
Date: Thu, 31 Oct 2002 16:52:21 -0800 (PST)

For anyone that is a little curious on how a newbie finally was able to
rebuild Ethereal.exe from scratch, and use windbg to step through the
code, here are the details.

Here are all the steps taken to rebuild Ethereal using "nmake" under
Windows 2000. nmake is the command line make utility used by Visual
Studio.

1.  Create directory for downloads. This is where all the .zip and
    .exe files go.
 
    mkdir c:\users\angus\ethereal
 
2.  Go to web site and download latest .zip and setup files.
 
    http://www.ethereal.com
 
3.  Read developer guide
 
    http://www.ethereal.com/distribution/docs/developer-guide.pdf
 
4.  Read win32-readme.txt to get all the juicy details. Here are
    some important high level issues:
 
    - WinPcap from http://winpcap.polito.it/
    - Use vcvars32.bat to setup development environment
    - Will need to modify Makefile.nmake and config.nmake appropriately
    - Use cleanbld.bat to clean things up between builds
    - nmake -f makefile.nmake
    - python http://www.python.org/
 
4.  Here is the distribution of .zip's and .exe's required
    to build Ethereal.exe from scratch:
 
    % cd c:\users\angus\ethereal
    % mkdir python2.2.2
    % ls
    Python-2.2.2.exe
    WPcapSrc_3_0_a_4.zip
    ethereal-0.9.7.tar.gz
    extralibs-dev-20000722.zip
    glib-dev-20000805.zip
    gtk+-dev-20001226.zip
    net-snmp-5.0.6.zip
    win32-README.txt
    zlib-114-dev.zip
 
5.  After unzip'ing and .exe'ing here is what you are left with:
 
    % ls
    Python-2.2.2.exe
    WPcapSrc_3_0_a_4.zip
    ethereal-0.9.7.tar.gz
    extralibs-dev-20000722.zip
    glib-dev-20000805.zip
    gtk+-dev-20001226.zip
    net-snmp-5.0.6
    net-snmp-5.0.6.zip
    ethereal-0.9.7
    src
    python2.2.2
    win32-README.txt
    winpcap
    zlib-114
    zlib-114-dev.zip
 
5.  Changes to ./ethereal-0.9.7/config.nmake
 
    # file: ethereal-0.9.7/config.nmake
    .
    .
    .
    # +++angus
    #GLIB_DIR=C:\ethereal-win32-libs\glib
    #GTK_DIR=C:\ethereal-win32-libs\gtk+
    #ZLIB_DIR=C:\ethereal-win32-libs\zlib-1.1.3
    #PCAP_DIR=C:\ethereal-win32-libs\WPdpack
    GLIB_DIR=C:\users\angus\ethereal\src\glib
    GTK_DIR=C:\users\angus\ethereal\src\gtk+
    ZLIB_DIR=C:\users\angus\ethereal\zlib-114
    PCAP_DIR=C:\users\angus\ethereal\winpcap
    .
    .
    .
    # +++angus keep GNU out of this...
    #COMMON_FILES_GNU=c:\program files\common files\gnu
    .
    .
    .
    # Set path if you need to find some binary
    # +++angus - need cygwin path for bison.exe and sed.exe (see below)
    #PATH=c:\cygnus\cygwin-b20\H-i586-cygwin32\bin;\
          c:\python22;c:\ethereal\wiretap;\
          c:\program files\common files\gnu;$(PATH)
    PATH=c:\cygnus\cygwin-b20\H-i586-cygwin32\bin;\
         c:\users\angus\ethereal\python2.2.2;c:\ethereal\wiretap;\
         c:\program files\common files\gnu;$(PATH)
    .
    .
    .
    # +++angus
    #PYTHON="C:/python22/python.exe"
    PYTHON="C:/users/angus/ethereal/python2.2.2/python.exe"
    LEX=flex
    # +++angus
    #YACC=bison.exe
    YACC="C:/users/angus/ethereal/ethereal-0.9.7/bison.exe"

5.  Changes to ./ethereal-0.9.7/Makefile.nmake

    # file: ethereal-0.9.7/Makefile.nmake
    .
    .
    .
    # +++angus
    CFLAGS=-DHAVE_CONFIG_H $(LOCAL_CFLAGS) /I$(GLIB_DIR) /I$(GLIB_DIR)\gmodule \
            /I$(GTK_DIR) /I. /Iwiretap /I$(GTK_DIR)\gdk /I$(GTK_DIR)\gdk\win32 \
            /I$(ZLIB_DIR) /I$(PCAP_DIR)\WPCAP\LIBPCAP\Win32\Include \
            /I$(PCAP_DIR)\WPCAP\LIBPCAP /I$(PCAP_DIR)\WPCAP\LIBPCAP\BPF \
            /I$(PCAP_DIR)/include -D_U_=""
 
6.  Time to rebuild...
 
    Get into cmd.exe, cd to appropriate place, and execute .bat
 
    C:\Program Files\Microsoft Visual Studio\VC98\Bin> vcvars32.bat
 
    Run cleanbld.bat
 
    C:\users\angus\ethereal\ethereal-0.9.7> cleanbld.bat

    Run Makefile.nmake
 
    C:\users\angus\ethereal\ethereal-0.9.7> nmake -f Makefile.nmake
 
    NOTE: Not sure how much of the gnu (cygwin) stuff is required...
    NOTE: You may need to add '.' to your path
          c:\> set PATH=.;%PATH%
    NOTE: Here is PATH environment definition that had things
          working. If you have the Cygnus tools installed, remove
          any/all references to them from your environment PATH:

          Path=.;C:\PROGRA~1\MICROS~2\Common\msdev98\BIN;\
               C:\PROGRA~1\MICROS~2\VC98\BIN;\
               C:\PROGRA~1\MICROS~2\Common\TOOLS\WINNT;\
               C:\PROGRA~1\MICROS~2\Common\TOOLS;C:\WINNT\system32;\
               C:\WINNT;C:\WINNT\System32\Wbem;\
               C:\Program Files\Rational\ClearCase\bin;\
               c:\bin;c:\gnu\emacs-20.5\bin

 
7.  First failure
 
    C:\users\angus\ethereal\ethereal-0.9.7>nmake -f Makefile.nmake
   
    Microsoft (R) Program Maintenance Utility   Version 6.00.8168.0
    Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
   
            cd tools
            NMAKE /                   -f Makefile.nmake
   
    Microsoft (R) Program Maintenance Utility   Version 6.00.8168.0
    Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
   
            cd lemon
            NMAKE /                   -f Makefile.nmake
   
    Microsoft (R) Program Maintenance Utility   Version 6.00.8168.0
    Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
   
            cd ..
            cd ..
            cd wiretap
            NMAKE /                   -f Makefile.nmake
   
    Microsoft (R) Program Maintenance Utility   Version 6.00.8168.0
    Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
   
            sed -e s/@VERSION@/0.0/ < config.h.win32 > config.h
    'sed' is not recognized as an internal or external command,
    operable program or batch file.
    NMAKE : fatal error U1077: 'sed' : return code '0x1'
    Stop.
    NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~2\VC98\BIN\NMAKE.EXE' : return code '0x2'
    Stop.
   
    C:\users\angus\ethereal\ethereal-0.9.7>
 
8.  First failure with sed. So, copied version of sed.exe to
    current directory (keeps me from having to include the Cygwin
    binaries, which could potentially cause some version skews)
 
    C:\users\angus\ethereal\ethereal-0.9.7> copy c:\cygnus\cygwin-b20\h-i586-cygwin32\bin\sed.exe
 
9.  Need to get bison.exe, and change wiretap Makefile.nmake to
    find it!

    C:\users\angus\ethereal\ethereal-0.9.7> copy c:\cygnus\cygwin-b20\h-i586-cygwin32\bin\bison.exe

10. Try again ... looks like you need to rebuild zlib.lib? Or, use
    the correct version of it?

    Generating Code...
            link /NODEFAULTLIB /INCREMENTAL:NO /PDB:NONE /RELEASE
    /NOLOGO -entry:_DllMainCRTStartup@12 -dll msvcrt.lib oldnames.lib
    kernel32.lib ws2_32.lib mswsock.lib advapi32.lib /DEBUG
    /DEF:wtap.def /OUT:wiretap-0.0.dll /IMPLIB:wiretap-0.0.lib
    ascend-grammar.obj ascend-scanner.obj ascend.obj atm.obj
    buffer.obj cosine.obj csids.obj dbs-etherwatch.obj etherpeek.obj
    file.obj file_wrappers.obj i4btrace.obj iptrace.obj lanalyzer.obj
    libpcap.obj netmon.obj nettl.obj netxray.obj ngsniffer.obj
    radcom.obj pppdump.obj snoop.obj toshiba.obj visual.obj vms.obj
    wtap.obj C:\users\angus\ethereal\src\glib\glib-1.3.lib
    C:\users\angus\ethereal\src\zlib-1.1.3\zlib.lib

       Creating library wiretap-0.0.lib and object wiretap-0.0.exp
    zlib.lib(gzio.o) : error LNK2001: unresolved external symbol __alloca
    wiretap-0.0.dll : fatal error LNK1120: 1 unresolved externals
    NMAKE : fatal error U1077: 'link' : return code '0x460'
    Stop.
    NMAKE : fatal error U1077: 'C:\PROGRA~1\MICROS~2\VC98\BIN\NMAKE.EXE' : return code '0x2'
    Stop.

  
11. Needed to change how WPCAP/LIBPCAP got referenced from
    config.nmake and wiretap/Makefile.nmake

    # file: ethereal-0.9.7/wiretap/Makefile.nmake
    .
    .
    .
    # +++angus
    CFLAGS=-DHAVE_CONFIG_H /I$(GLIB_DIR) /I$(ZLIB_DIR) \
    /I$(PCAP_DIR) /I$(PCAP_DIR)\Win32\Include /I$(PCAP_DIR)\WPCAP\LIBPCAP \
    /I$(PCAP_DIR)\WPCAP\LIBPCAP\bpf -D_U_="" $(LOCAL_CFLAGS)
 
12. wiretap again ...
    83: Cannot open include file: 'bittypes.h': No such file or directory

13. This time gtk

    # file: ethereal-0.9.7/gtk/Makefile.nmake
    .
    .
    .
    CFLAGS=-DHAVE_CONFIG_H /I.. /I../wiretap \
        /I$(GLIB_DIR) /I$(GTK_DIR) /I$(GLIB_DIR)/gmodule \
        /I$(GTK_DIR)\gdk /I$(GTK_DIR)\gdk\win32 \
        /I$(ZLIB_DIR) \
        /I$(PCAP_DIR)\WPCAP\LIBPCAP /I$(PCAP_DIR)\WPCAP\LIBPCAP\bpf \
        /I$(PCAP_DIR)\WPCAP\LIBPCAP\Win32\Include \
        /I$(PCAP_DIR)\WPCAP\LIBPCAP\lbl \
        /I$(PCAP_DIR)\include -D_U_="" $(LOCAL_CFLAGS)

14. What's up with epan/dfilter/scanner.c and unistd.h? Had to
    physically edit scanner.c to "temporarily" get around the
    references to <unistd.h> and isatty (probably could have
    written my own version of it, ...)

    /* file: epan/dfilter/scanner.c */

    /* +++angus */
    #if 0
    #include <unistd.h>
    #endif

    #if YY_NEVER_INTERACTIVE
            b->yy_is_interactive = 0;
    #else
    #if 0
            b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
    #else
            b->yy_is_interactive = 0;
    #endif     
    #endif
    #endif

15. See how far we can get this time ...

16. Was getting a lot of the following type of warning messages:

    packet-sccp.c(811) : warning C4761: integral size mismatch in
                         argument; conversion

    Ignored them for now ...

17. Build continues ...

18. pcap.h and bittypes.h problem with ethereal-0.9.7\Makefile.nmake,
    had to add the following definitions to PATH=, see
    step (5), Changes to ./ethereal-0.9.7/Makefile.nmake, for the
    details.

    /I$(PCAP_DIR)\WPCAP\LIBPCAP\Win32\Include \
    /I$(PCAP_DIR)\WPCAP\LIBPCAP /I$(PCAP_DIR)/include \
    /I$(PCAP_DIR)\Win32\Include /I$(PCAP_DIR)\WPCAP\LIBPCAP \
    /I$(PCAP_DIR)/include

19. Let's try this again ...

20. Now bpf.h? Again, see step (5), Changes to
    ./ethereal-0.9.7/Makefile.nmake, for the details.

    /I$(PCAP_DIR)\WPCAP\LIBPCAP\Win32\Include \
    /I$(PCAP_DIR)\WPCAP\LIBPCAP /I$(PCAP_DIR)\WPCAP\LIBPCAP\BPF

21. Can you believe it? A successful link of
    ethereal.exe, along with all the other "support" tools!!!!

    Here is what it looks like when everything successfully
    links!

    .
    .
    .
    Linking ethereal.exe
            link @C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nma00312.
            rc  /r image\tethereal
            cl -DWIN32 -DNULL=0 -D_MT -D_DLL -DHAVE_CONFIG_H -Zi \
    /IC:\users\angus\ethereal\src\glib \
    /IC:\users\angus\ethereal\src\glib\gmodule \
    /IC:\users\angus\ethereal\src\gtk+ /I. \
    /Iwiretap /IC:\users\angus\ethereal\src\gtk+\gdk \
    /IC:\users\angus\ethereal\src\gtk+\gdk\win32 \
    /IC:\users\angus\ethereal\zlib-114 \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\Win32\Include \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\BPF \
    /IC:\users\angus\ethereal\winpcap/include -D_U_="" -Fd.\ -c tethereal.c
    Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
    Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
   
    tethereal.c
    Linking tethereal.exe
            link @C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nmb00312.
            rc  /r image\editcap
            cl -DWIN32 -DNULL=0 -D_MT -D_DLL -DHAVE_CONFIG_H -Zi \
    /IC:\users\angus\ethereal\src\glib \
    /IC:\users\angus\ethereal\src\glib\gmodule \
    /IC:\users\angus\ethereal\src\gtk+ \
    /I. /Iwiretap /IC:\users\angus\ethereal\src\gtk+\gdk \
    /IC:\users\angus\ethereal\src\gtk+\gdk\win32 \
    /IC:\users\angus\ethereal\zlib-114 \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\Win32\Include \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\BPF \
    /IC:\users\angus\ethereal\winpcap/include -D_U_="" -Fd.\ -c editcap.c
    Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
    Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
   
    editcap.c
    Linking editcap.exe
            link @C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nmc00312.
            rc  /r image\mergecap
            cl -DWIN32 -DNULL=0 -D_MT -D_DLL -DHAVE_CONFIG_H -Zi \
    /IC:\users\angus\ethereal\src\glib \
    /IC:\users\angus\ethereal\src\glib\gmodule \
    /IC:\users\angus\ethereal\src\gtk+ \
    /I. /Iwiretap /IC:\users\angus\ethereal\src\gtk+\gdk \
    /IC:\users\angus\ethereal\src\gtk+\gdk\win32 \
    /IC:\users\angus\ethereal\zlib-114 \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\Win32\Include \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\BPF \
    /IC:\users\angus\ethereal\winpcap/include -D_U_="" -Fd.\ -c mergecap.c
    Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
    Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
   
    mergecap.c
    Linking mergecap.exe
            link @C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nmd00312.
            rc  /r image\text2pcap
            cl -DWIN32 -DNULL=0 -D_MT -D_DLL -DHAVE_CONFIG_H -Zi \
    /IC:\users\angus\ethereal\src\glib \
    /IC:\users\angus\ethereal\src\glib\gmodule \
    /IC:\users\angus\ethereal\src\gtk+ \
    /I. /Iwiretap /IC:\users\angus\ethereal\src\gtk+\gdk \
    /IC:\users\angus\ethereal\src\gtk+\gdk\win32 \
    /IC:\users\angus\ethereal\zlib-114 \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\Win32\Include \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP \
    /IC:\users\angus\ethereal\winpcap\WPCAP\LIBPCAP\BPF \
    /IC:\users\angus\ethereal\winpcap/include -D_U_="" -Fd.\
    -c text2pcap.c text2pcap-scanner.c
    Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 12.00.8168 for 80x86
    Copyright (C) Microsoft Corp 1984-1998. All rights reserved.
   
    text2pcap.c
    text2pcap-scanner.c
    Generating Code...
    Linking text2pcap.exe
            link @C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nme00312.
   
    C:\users\angus\ethereal\ethereal-0.9.7>
 
22. Now, you need to install (first uninstall if winPcap has
    previously been installed) the latest (or proper)
    version of winpcap in order to get this version of ethereal.exe
    to work!

23. Can you start to single step/debug Ethereal.exe? Can you start to
    understand how all of its magic works under windows? Yes you can!

24. Ethereal.exe looks for certain .dll's in your path. Instead of
    finding and copying them all to some system area, simply copy
    them to the ethereal-0.9.7 directory.

    % cd c:/users/angus/ethereal/ethereal-0.9.7
    % cp ./wiretap/wiretap-0.0.dll .
    % cp ../src/glib/glib-1.3.dll .
    #
    # see step (25), had to download gtk_dll.zip in order to find
    # the right version of iconv-1.3.dll.
    #
    % cp ../gtk_dll/iconv-1.3.dll .
    % cp ../zlib-114/zlib.dll .
    % cp ../src/gtk+/gtk/gtk-1.3.dll .
    % cp ../src/gtk+/gdk/gdk-1.3.dll .
    % cp ../src/glib/gmodule/gmodule-1.3.dll .
    % cp ../src/intl/gnu-intl.dll .

25. iconv-1.3.dll was a hard one. Had to search the web for that one.
    Finally was able to extract one from a gtk_dll.zip -
    (http://www.alblas.demon.nl/wsat/software/soft_win.html).

26. Go to http://winpcap.polito.it to get and install WinPcap
    (wpcap.dll)

27. Let's try this thing one more time ...

28. Finally! you can run Ethereal.exe!

29. On with the show..

30. The ultimate - using windbg to step through Ethereal.exe!

    main() entry is from gtk/main.c

    % cat startup
    .lines
    bp main
    l+o
    l+t
    l+s
    g

    % export NTDEBUGTYPE=windbg
    % export PATH=$PATH:"/PROGRAM FILES/Debugging Tools for Windows"
    % windbg -n -c "$<startup" -Q -W ethereal ethereal.exe

31. Looks like some things were NOT built for debug mode ...

32. On with the show...
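
Step 14 above switches off the scanner's interactivity check because MSVC has no <unistd.h>, and mentions that a replacement could have been written. One way to write it, as an added example that is not part of the original post or of the Ethereal sources; the names compat_isatty, compat_fileno and stream_is_interactive are hypothetical:

```c
/* Added example: isatty()/fileno() compatibility layer so flex-generated
 * code can keep its interactivity check when built without <unistd.h>. */
#if !defined(_WIN32) && !defined(_POSIX_C_SOURCE)
#define _POSIX_C_SOURCE 200809L   /* expose fileno() under strict -std= modes */
#endif

#include <stdio.h>

#ifdef _WIN32
#include <io.h>                       /* declares _isatty() */
/* _isatty() is nonzero for any character device (console, NUL, serial
 * port), not only for a console. */
#define compat_isatty(fd) _isatty(fd)
#define compat_fileno(fp) _fileno(fp) /* declared in <stdio.h> */
#else
#include <unistd.h>                   /* declares isatty() */
#define compat_isatty(fd) isatty(fd)
#define compat_fileno(fp) fileno(fp)
#endif

/* Hypothetical helper. Mirrors the expression used in scanner.c,
 *     file ? (isatty( fileno(file) ) > 0) : 0
 * and adds a guard for a stream that has no underlying descriptor. */
int stream_is_interactive(FILE *file)
{
    int fd;

    if (file == NULL)
        return 0;
    fd = compat_fileno(file);
    if (fd < 0)
        return 0;
    return compat_isatty(fd) > 0;
}

int main(void)
{
    /* 1 when run from a terminal, 0 when stdin is a file or a pipe. */
    printf("stdin interactive: %d\n", stream_is_interactive(stdin));
    printf("NULL stream:       %d\n", stream_is_interactive(NULL));
    return 0;
}
```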

 


