General Information
------- -----------

Ethereal is a network traffic analyzer for Unix-ish operating systems.
It is based on GTK+, a graphical user interface library, and libpcap,
a packet capture and filtering library.

The official home of Ethereal is

    http://ethereal.zing.org

The latest distribution can be found in the subdirectory

    http://ethereal.zing.org/distribution


Installation
------------

Ethereal is known to compile and run under Linux (2.0.32) and Solaris
(2.6).  It should run on other systems without too much trouble.


Installation Checklist (Short):

  [ ] 1. Unpack the archive.
  
  [ ] 2. Run './configure; make; make install'.  If there are any
         problems, read on:


Installation Checklist (Long):

  [ ] 0. This is alpha software.  Beware.
  
  [ ] 1. Make sure you have GTK+ installed.  Try running 'gtk-config
         --version'.  If you need to install/reinstall GTK, you can find
         it at

         http://www.gtk.org .

  [ ] 2. Make sure you have libpcap installed.  The latest version can be
         found at
          
         ftp://ftp.ee.lbl.gov .

         Make sure you install the headers ('make install-incl') when you
         install the library.

  [ ] 3. (Linux users)  Currently, the latest version of libpcap (0.4a6 as
         of this writing) doesn't properly support timeouts under Linux. 
         This can adversely affect the responsiveness of the capture
         window.  Brian Costello, the author of Karpski, has a patched
         version of libpcap that supports timeouts at
         
         http://mojo.calyx.net/~btx/karpski.html .
         
         As above, make sure you install the headers ('make install-incl')
         when you install the library.

  [ ] 4. Run './configure' in the Ethereal distribution directory. 
         Running './configure --help' displays a list of options.  The
         file 'INSTALL' contains general instructions for running
         'configure'.
         
  [ ] 5. Run 'make'.  Hopefully, you won't run into any problems.
  
  [ ] 6. Run './ethereal', and make sure things are working.  You must have
         root priveleges in order to capture live data.
         
  [ ] 7. Run 'make install'.  You're done.

         
Usage
-----          

In order to capture packets from the network, you need to be running
as root.  Although it might be tempting to make the Ethereal executable
setuid root, please don't - alpha code is by nature not very robust, and
liable to contain security holes.

Filter strings must have the same format as tcpdump, e.g. 

    port 53 or tcp port 80 

will grab any DNS or HTTP packets.



Disclaimer
----------

There is no warranty, expressed or implied, associated with this product.
Use at your own risk.
