How to Install tshark on OpenWrt

Hello community,

I am running OpenWrt on a Raspberry Pi 4 and I would like to install tshark, the command-line version of Wireshark. However, I am having trouble finding and installing tshark on my OpenWrt setup.

Could anyone provide guidance on how to install tshark on OpenWrt for a Raspberry Pi 4? Specifically, I am looking for:

  • The necessary steps or commands to install tshark.
  • Any dependencies that need to be installed beforehand.

You will need to save with tcpdump then transfer packet capture to desktop wireshark.

1 Like

Thank you for the reply, mate. However, I need to run the command:

tshark -r "Captures/${filename}.pcap" -T json > "Captures/${filename}.json"

to obtain JSON data for backend work.

You need to create tshark package, it is huge with non-trivial dependencies.

1 Like

I found this on GitHub: https://github.com/liudonghua/wireshark-openwrt.
Could you please check it and let me know if it's valid before I proceed with the installation?

you want fries with that ?

seems you don't install, but compile, as a 1st step.

wireshark 2.2.1 for openwrt 18.06 branch on arch X86.

are you running 18.06 ?

1 Like

Model: Raspberry Pi 4 Model B Rev 1.4
Architecture: ARMv8 Processor rev 3
Target Platform: bcm27xx/bcm2711
Firmware Version: OpenWrt 23.05.0 r23497-6637af95aa / LuCI openwrt-23.05 branch git-24.212.79335-cdbe903

I am super noob to this openwrt. I need to use tshark only for covert pcap file to json file (pcap2json, scapy, pyshark did't gave wanted output). My attempts to cross-compile (by cloning OpenWrt to my host) have been unsuccessful. My Makefile commands did not work as expected.

At least help me out for this to make correct compilation.

define Build/Compile
	cd $(PKG_BUILD_DIR)/tools/lemon && make
	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
		DESTDIR="$(PKG_INSTALL_DIR)" \
		CC="$(TARGET_CC)" \
		install
endef

@predators_46

Thank you for your help. I've tried many times, but it hasn't worked. That's why I'm seeking answers from the community again, hoping to get at least a clue!

Correct compilation of what? On what host platform?

of wireshark_4.4.0_aarch64_cortex-a72.ipk

In Makefile (define Build/compile) I have tried different types of code, including suggestions from AI, but none of them worked.

Used Kali Linux 2024.3 and Ubuntu 22.04.4 LTS

Edit your posts taking out what was said by AI or properly attribute it.
You need to show errors you het, not AI generated file fragments.
Or install kale linux for all your json needs. It is not a valid build platform.

This is the output I got after recompile.

make[2]: Entering directory '/home/kirula/Downloads/openwrt/package/network/utils/wireshark'
mkdir -p /home/kirula/Downloads/openwrt/dl
SHELL= flock /home/kirula/Downloads/openwrt/tmp/.wireshark-4.4.0.tar.xz.flock -c '  	/home/kirula/Downloads/openwrt/scripts/download.pl "/home/kirula/Downloads/openwrt/dl" "wireshark-4.4.0.tar.xz" "50a9ae3a9b90f92d6f352531fe68fbd2" "" "https://www.wireshark.org/download/src/"    '
+ curl -f --connect-timeout 20 --retry 5 --location https://www.wireshark.org/download/src/wireshark-4.4.0.tar.xz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 44.6M  100 44.6M    0     0  2693k      0  0:00:16  0:00:16 --:--:-- 2939k
touch /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.prepared_afea001ed3d1ab1e18d72a9290465da9_6664517399ebbbc92a37c5bb081b5c53_check
. /home/kirula/Downloads/openwrt/include/shell.sh; xzcat /home/kirula/Downloads/openwrt/dl/wireshark-4.4.0.tar.xz | tar -C /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.. -xf -
[ ! -d ./src/ ] || cp -fpR ./src/. /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0
touch /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.prepared_afea001ed3d1ab1e18d72a9290465da9_6664517399ebbbc92a37c5bb081b5c53
rm -f /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.configured_*
rm -f /home/kirula/Downloads/openwrt/staging_dir/target-aarch64_cortex-a72_musl/stamp/.wireshark_installed
(cd /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0; rm -f aclocal.m4; if [ -f ./configure.ac ] || [ -f ./configure.in ]; then [ -d ./autom4te.cache ] && rm -rf ./autom4te.cache; [ -e ./config.rpath ] || ln -s /home/kirula/Downloads/openwrt/scripts/config.rpath ./config.rpath; touch NEWS AUTHORS COPYING ABOUT-NLS ChangeLog; AUTOM4TE=/home/kirula/Downloads/openwrt/staging_dir/host/bin/autom4te AUTOCONF=/home/kirula/Downloads/openwrt/staging_dir/host/bin/autoconf AUTOMAKE=/home/kirula/Downloads/openwrt/staging_dir/host/bin/automake ACLOCAL=/home/kirula/Downloads/openwrt/staging_dir/host/bin/aclocal AUTOHEADER=/home/kirula/Downloads/openwrt/staging_dir/host/bin/autoheader LIBTOOLIZE=/home/kirula/Downloads/openwrt/staging_dir/host/bin/libtoolize LIBTOOL=/home/kirula/Downloads/openwrt/staging_dir/host/bin/libtool M4=/home/kirula/Downloads/openwrt/staging_dir/host/bin/m4 AUTOPOINT=true GTKDOCIZE=true LIBTOOLIZE='/home/kirula/Downloads/openwrt/staging_dir/host/bin/libtoolize --install' /home/kirula/Downloads/openwrt/staging_dir/host/bin/autoreconf -v -f -i -B /home/kirula/Downloads/openwrt/staging_dir/host/share/aclocal -I /home/kirula/Downloads/openwrt/staging_dir/target-aarch64_cortex-a72_musl/host/share/aclocal -I /home/kirula/Downloads/openwrt/staging_dir/hostpkg/share/aclocal -I /home/kirula/Downloads/openwrt/staging_dir/target-aarch64_cortex-a72_musl/usr/share/aclocal -I m4 -I . . || true; fi; );
(cd /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/./; if [ -x ./configure ]; then find /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/ -name config.guess | xargs -r chmod u+w; find /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/ -name config.guess | xargs -r -n1 cp --remove-destination /home/kirula/Downloads/openwrt/scripts/config.guess; find /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/ -name config.sub | xargs -r chmod u+w; find /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/ -name config.sub | xargs -r -n1 cp --remove-destination /home/kirula/Downloads/openwrt/scripts/config.sub; AR="aarch64-openwrt-linux-musl-gcc-ar" AS="aarch64-openwrt-linux-musl-gcc -c -Os -pipe -fno-caller-saves -fno-plt -fhonour-copts -fmacro-prefix-map=/home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0=wireshark-4.4.0 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -ffunction-sections -fdata-sections" LD="aarch64-openwrt-linux-musl-ld.bfd" NM="aarch64-openwrt-linux-musl-gcc-nm" CC="aarch64-openwrt-linux-musl-gcc" GCC="aarch64-openwrt-linux-musl-gcc" CXX="aarch64-openwrt-linux-musl-g++" RANLIB="aarch64-openwrt-linux-musl-gcc-ranlib" STRIP=aarch64-openwrt-linux-musl-strip OBJCOPY=aarch64-openwrt-linux-musl-objcopy OBJDUMP=aarch64-openwrt-linux-musl-objdump SIZE=aarch64-openwrt-linux-musl-size CFLAGS="-Os -pipe -fno-caller-saves -fno-plt -fhonour-copts -fmacro-prefix-map=/home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0=wireshark-4.4.0 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -ffunction-sections -fdata-sections " CXXFLAGS="-Os -pipe -fno-caller-saves -fno-plt -fhonour-copts -fmacro-prefix-map=/home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0=wireshark-4.4.0 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -ffunction-sections -fdata-sections " CPPFLAGS="-I/home/kirula/Downloads/openwrt/staging_dir/toolchain-aarch64_cortex-a72_gcc-13.3.0_musl/usr/include -I/home/kirula/Downloads/openwrt/staging_dir/toolchain-aarch64_cortex-a72_gcc-13.3.0_musl/include -I/home/kirula/Downloads/openwrt/staging_dir/toolchain-aarch64_cortex-a72_gcc-13.3.0_musl/include/fortify " LDFLAGS="-L/home/kirula/Downloads/openwrt/staging_dir/toolchain-aarch64_cortex-a72_gcc-13.3.0_musl/usr/lib -L/home/kirula/Downloads/openwrt/staging_dir/toolchain-aarch64_cortex-a72_gcc-13.3.0_musl/lib -fuse-ld=bfd -znow -zrelro -Wl,--gc-sections "  BUILD_CC="aarch64-openwrt-linux-musl-gcc" HOSTCC="/home/kirula/Downloads/openwrt/staging_dir/host/bin/gcc" td_cv_buggygetaddrinfo=no ac_cv_linux_vers= ac_cv_header_rpc_rpcent_h=no ac_cv_lib_rpc_main=no ac_cv_path_PCAP_CONFIG=""  ./configure --target=aarch64-openwrt-linux --host=aarch64-openwrt-linux --build=x86_64-pc-linux-gnu --disable-dependency-tracking --program-prefix="" --program-suffix="" --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --libexecdir=/usr/lib --sysconfdir=/etc --datadir=/usr/share --localstatedir=/var --mandir=/usr/man --infodir=/usr/info --disable-nls  --enable-tshark --enable-dumpcap --enable-setuid-install --disable-wireshark --disable-gtk3 --disable-androiddump --disable-ipv6 --without-lua --disable-editcap --disable-capinfos --disable-mergecap --disable-text2pcap --disable-idl2wrs --disable-dftest --disable-randpkt ; fi; )
touch /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.configured_68b329da9893e34099c7d8ad5cb9c940
rm -f /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.built
touch /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.built_check
cd /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/tools/lemon && make
make[3]: Entering directory '/home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/tools/lemon'
make[3]: *** No targets specified and no makefile found.  Stop.
make[3]: Leaving directory '/home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/tools/lemon'
make[2]: *** [Makefile:79: /home/kirula/Downloads/openwrt/build_dir/target-aarch64_cortex-a72_musl/wireshark-4.4.0/.built] Error 2
make[2]: Leaving directory '/home/kirula/Downloads/openwrt/package/network/utils/wireshark'
time: package/network/utils/wireshark/compile#7.19#1.97#23.89
    ERROR: package/network/utils/wireshark failed to build.
make[1]: *** [package/Makefile:177: package/network/utils/wireshark/compile] Error 1
make[1]: Leaving directory '/home/kirula/Downloads/openwrt'
make: *** [/home/kirula/Downloads/openwrt/include/toplevel.mk:248: package/network/utils/wireshark/compile] Error 2

Makefile I have used

# Makefile for building Wireshark 4.4.0 on OpenWrt for ARM (Raspberry Pi)

include $(TOPDIR)/rules.mk

PKG_NAME:=wireshark
PKG_VERSION:=4.4.0
PKG_RELEASE:=1

PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://www.wireshark.org/download/src/
PKG_HASH:=50a9ae3a9b90f92d6f352531fe68fbd2  # SHA256 hash from the provided signature file

PKG_FIXUP:=autoreconf

include $(INCLUDE_DIR)/package.mk

define Package/wireshark
  SECTION:=net
  CATEGORY:=Network
  DEPENDS:=+librt +libcap +glib2 +tcpdump +libc +libpcap
  URL:=http://www.wireshark.org/
  TITLE:=Network monitoring and data analysis tool
endef

CONFIGURE_ARGS+= \
	--enable-tshark \
	--enable-dumpcap \
	--enable-setuid-install \
	--disable-wireshark \
	--disable-gtk3 \
	--disable-androiddump \
	--disable-ipv6 \
	--without-lua \
	--disable-editcap \
	--disable-capinfos \
	--disable-mergecap \
	--disable-text2pcap \
	--disable-idl2wrs \
	--disable-dftest \
	--disable-randpkt

TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections

CONFIGURE_VARS += \
	BUILD_CC="$(TARGET_CC)" \
	HOSTCC="$(HOSTCC)" \
	td_cv_buggygetaddrinfo=no \
	ac_cv_linux_vers=$(LINUX_VERSION) \
	ac_cv_header_rpc_rpcent_h=no \
	ac_cv_lib_rpc_main=no \
	ac_cv_path_PCAP_CONFIG=""

MAKE_FLAGS += \
	CCOPT="$(TARGET_CFLAGS)" INCLS="-I. $(TARGET_CPPFLAGS)"

define Build/Compile
	cd $(PKG_BUILD_DIR)/tools/lemon && make
	$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
		DESTDIR="$(PKG_INSTALL_DIR)" \
		CC="$(TARGET_CC)" \
		install
endef
	
define Package/wireshark/install
	$(INSTALL_DIR) $(1)/usr/bin
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tshark $(1)/usr/bin/
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/captype $(1)/usr/bin/
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/dumpcap $(1)/usr/bin/
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/rawshark $(1)/usr/bin/
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/reordercap $(1)/usr/bin/
	$(INSTALL_DIR) $(1)/usr/lib
	$(CP) $(PKG_INSTALL_DIR)/usr/lib/lib*.so* $(1)/usr/lib
endef

$(eval $(call BuildPackage,wireshark))

$10 for tshark

1 Like

What about this: https://openwrt.org/docs/guide-user/firewall/misc/tcpdump_wireshark

1 Like