How to Install the Latest Wireshark from Source on Debian or Ubuntu Linux

By | 2013/06/07

Wireshark unfortunately does not provide a .deb package for its releases. However, it is possible to create and install a .deb package from source. I’ll show you how!


First, grab the latest source code tarball from wireshark.org:

https://www.wireshark.org/download.html

-> Source Code


Next, install all of Wireshark's build dependencies:

$ sudo apt-get build-dep wireshark


Install some needed Debian packages if you have not already:

$ sudo apt-get install build-essential checkinstall libcurl4-openssl-dev


Next, extract the tarball you downloaded from wireshark.org:

$ tar xvf wireshark-*.tar.bz2

Now it is time to configure and build:

$ cd wireshark-*

$ ./configure --with-ssl --enable-setcap-install --with-dumpcap-group=wireshark

$ make -j4

And finally:

$ sudo checkinstall --fstrans=no

When prompted, enter y then name the package: wireshark.


stmiller@brahms:~/Downloads/wireshark-1.10.0$ sudo checkinstall 
[sudo] password for stmiller: 

checkinstall 1.6.2, Copyright 2009 Felipe Eduardo Sanchez Diaz Duran
           This software is released under the GNU GPL.


The package documentation directory ./doc-pak does not exist. 
Should I create a default set of package docs?  [y]: y

Preparing package documentation...OK

Please write a description for the package.
End your description with an empty line or EOF.
>> wireshark
>> 

*****************************************
**** Debian package creation selected ***
*****************************************

This package will be built according to these values: 

0 -  Maintainer: [ root@brahms ]
1 -  Summary: [ wireshark ]
2 -  Name:    [ wireshark ]
3 -  Version: [ 1.10.0 ]
4 -  Release: [ 1 ]
5 -  License: [ GPL ]
6 -  Group:   [ checkinstall ]
7 -  Architecture: [ amd64 ]
8 -  Source location: [ wireshark-1.10.0 ]
9 -  Alternate source location: [  ]
10 - Requires: [  ]
11 - Provides: [ wireshark ]
12 - Conflicts: [  ]
13 - Replaces: [  ]

Enter a number to change any of them or press ENTER to continue: 

Installing with make install...

Some of the files created by the installation are inside the home directory: /home

You probably don't want them to be included in the package.
Do you want me to list them?  [n]: n
Should I exclude them from the package? (Saying yes is a good idea)  [n]: yes

Some of the files created by the installation are inside the build
directory: /home/stmiller/Downloads/wireshark-1.10.0

You probably don't want them to be included in the package,
especially if they are inside your home directory.
Do you want me to list them?  [n]: n
Should I exclude them from the package? (Saying yes is a good idea)  [y]: y

Copying files to the temporary directory...

Stripping ELF binaries and libraries...OK

Compressing man pages...OK

Building file list...OK

Building Debian package...OK

Installing Debian package...OK

Erasing temporary files...OK

Writing backup package...
OK

Deleting temp dir...OK


**********************************************************************

 Done. The new package has been installed and saved to

 /home/stmiller/Downloads/wireshark-1.10.0/wireshark_1.10.0-1_amd64.deb

 You can remove it from your system anytime using: 

      dpkg -r wireshark

**********************************************************************

stmiller@brahms:~/Downloads/wireshark-1.10.0$ 


Note: you may have to run this command:

$ sudo ldconfig


And finally, ‘sudo wireshark’ will run Wireshark.

Note you should be able to run wireshark as a regular user, but I am looking into why this is not currently working for me. Stay tuned….
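The --enable-setcap-install and --with-dumpcap-group=wireshark flags used above are meant to let members of the wireshark group capture through dumpcap without running the whole GUI as root. The following script is an added example, not part of the original post, that audits whether that setup took effect on the installed binary. The /usr/local/bin/dumpcap path (default prefix), the function names and the policy of flagging setuid or world-executable modes are assumptions.

```shell
#!/bin/sh
# Added example: audit the non-root capture setup requested by
#   ./configure --enable-setcap-install --with-dumpcap-group=wireshark

# audit_dumpcap GROUP MODE CAPS USER_GROUPS
#   GROUP        group owner of dumpcap             (stat -c %G)
#   MODE         octal permission bits              (stat -c %a)
#   CAPS         getcap output for dumpcap, may be empty
#   USER_GROUPS  groups of the capturing user       (id -nG)
# Prints one finding per line, or "OK" when nothing is flagged.
audit_dumpcap() {
    grp=$1 mode=$2 caps=$3 ugroups=$4 bad=0
    finding() { echo "$1"; bad=1; }

    [ "$grp" = "wireshark" ] || finding "group is '$grp', expected 'wireshark'"
    # Assumed policy: with file capabilities in place, no setuid bit is needed.
    case "$mode" in
        [4567]???) finding "setuid bit set: dumpcap runs as its owner" ;;
    esac
    # An odd last octal digit means users outside the group can execute it.
    case "$mode" in
        *[1357]) finding "world-executable: any local user can capture" ;;
    esac
    # Substring match accepts both "= caps+eip" and "caps=eip" getcap formats.
    for cap in cap_net_raw cap_net_admin; do
        case "$caps" in
            *"$cap"*) ;;
            *) finding "missing file capability $cap" ;;
        esac
    done
    case " $ugroups " in
        *" wireshark "*) ;;
        *) finding "user is not in group 'wireshark'" ;;
    esac
    [ "$bad" -eq 1 ] || echo "OK"
}

# audit_installed [PATH]: collect the live values and run the audit.
audit_installed() {
    bin=${1:-/usr/local/bin/dumpcap}    # assumed default --prefix
    [ -e "$bin" ] || { echo "no dumpcap at $bin"; return 0; }
    audit_dumpcap "$(stat -c %G "$bin")" "$(stat -c %a "$bin")" \
        "$(getcap "$bin" 2>/dev/null)" "$(id -nG)"
}

# Constructed sample values (not from a real host): the binary has no file
# capabilities and the user "alice" is outside the wireshark group.
audit_dumpcap wireshark 750 "" "alice adm sudo"
audit_installed
```

After adding a user to the wireshark group, a new login session is needed before `id -nG` reports the membership.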