Has anyone had any experience building Wireshark on SLES10 SP2? I noticed that there's actually a Novell-delivered rpm for SLES11, but I can't see anything like that for my release of zlinux, so I tried to build it myself from source. It seemed to go pretty easily once I'd pulled down a few extra packages (bison, gcc and flex, at least) since we've got very basic Linux servers by default, but I'm not actually sure it's fully functional. When I check the build, the number of "withouts" scares me:

wireshark 1.2.6

Copyright 1998-2010 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.8.11, with GLib 2.8.6, with libpcap 0.9.4, with libz
1.2.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without GnuTLS, without Gcrypt, without
Kerberos, without GeoIP, without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Linux 2.6.16.60-0.21-default, with libpcap version 0.9.4.

Built using gcc 4.1.2 20070115 (SUSE Linux).

And while we seemed to get good information for packet tracing via the "any" interface, I can't seem to do any filtering of straight "eth0" data - the same ip address filter that limited the "any" trace gives me absolutely nothing with the actual network card. The problem is that my network analysts want to combine data from wireshark with their OpNet AIX server data to get an end-to-end picture of network traffic, and the "Linux cooked-mode capture" data from the any-interface is killing them.

Is this a problem with my build, or a limitation with Linux itself and how it generates packet data? I'm leaning towards the former since I'm basically a trained zlinux monkey (I don't really get what all is happening under the covers when I issue the ./configure and make commands - that's what happens when you throw a z/OS programmer into the Linux deep end!). The only thing I could figure is to find someone running SLES11, get them to install the wireshark rpm, do the same -v display on it, and try to work my way backwards till my build matches theirs (except for kernel and probably versions, of course).

If someone has some insight to share or wants to send me their build info on SLES11, I'd love to hear from you! Thanks!

Shannon Collinson
Systems Programmer, Mainframe Operating Systems
SunTrust Banks, Inc.

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
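
For readers unfamiliar with the "Linux cooked-mode capture" format mentioned in the message, here is an added example (not part of the original post) that reads a classic pcap file's link-layer type and lists the link-layer fields an "any"-style cooked record carries next to an Ethernet record. The sample frames, MAC addresses and helper names are constructed for illustration.

```python
import struct

LINKTYPE_ETHERNET = 1     # capture on a real Ethernet device
LINKTYPE_LINUX_SLL = 113  # "Linux cooked-mode capture" (the "any" device)
SLL_DIRECTION = {0: "to-host", 1: "broadcast", 2: "multicast",
                 3: "other-host", 4: "from-host"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_pcap(linktype, frames):
    """Constructed sample data: a little-endian classic pcap file in memory."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def link_summary(pcap):
    """Return (linktype, frames): the link-layer fields each record carries."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic microsecond pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"
    linktype = struct.unpack_from(end + "I", pcap, 20)[0]
    frames, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]
        data = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if linktype == LINKTYPE_ETHERNET and len(data) >= 14:
            proto = struct.unpack_from(">H", data, 12)[0]
            frames.append({"dst": mac(data[0:6]), "src": mac(data[6:12]),
                           "proto": proto, "direction": None})
        elif linktype == LINKTYPE_LINUX_SLL and len(data) >= 16:
            ptype, _hatype, halen, addr, proto = struct.unpack_from(">HHH8sH", data)
            # Cooked header: one address only (the sender), no destination MAC.
            frames.append({"dst": None, "src": mac(addr[:min(halen, 8)]),
                           "proto": proto,
                           "direction": SLL_DIRECTION.get(ptype, "unknown")})
        else:
            frames.append({"error": "truncated or unsupported link type"})
    return linktype, frames

# Constructed frames: the same 20-byte payload behind each kind of link header.
SRC, DST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ETH_PCAP = build_pcap(LINKTYPE_ETHERNET, [DST + SRC + b"\x08\x00" + bytes(20)])
SLL_PCAP = build_pcap(LINKTYPE_LINUX_SLL, [struct.pack(
    ">HHH8sH", 4, 1, 6, SRC + b"\x00\x00", 0x0800) + bytes(20)])
print(link_summary(ETH_PCAP), link_summary(SLL_PCAP), sep="\n")
```

The cooked record replaces the 14-byte Ethernet header with a 16-byte pseudo-header, so tools that expect source and destination MAC addresses see a different link-layer type and no destination address.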
