Install tshark On CentOS Linux Using The Yum Package Manager

I use tshark sometimes to strip down packet captures based on specific variables and needed to install tshark on a CentOS Linux server I recently built for various development tasks. The problem is that when attempting to install tshark using yum it returned an error because there was no package named tshark available in any of the yum repositories I had configured.

Error Attempting To Install tshark Using Yum:

bash

  1. [root@dev ~]# yum list *TSHARK*
  2. Loaded plugins: fastestmirror
  3. Loading mirror speeds from cached hostfile
  4.  * addons: mirror.cogentco.com
  5.  * base: mirrors.serveraxis.net
  6.  * epel: ftp.osuosl.org
  7.  * extras: mirrors.serveraxis.net
  8.  * rpmforge: apt.sw.be
  9.  * updates: hpc.arc.georgetown.edu
  10. Error: No matching Packages to list

As you can see above when attempting to locate any packages containing tshark yum returned an error because there were no packages available that contained the word tshark. Next I used the yum with the whatprovides command to find out if any of the packages available in the installed repositories included the tshark command as displayed in the below example.

Use Yum To Search For The Package That Installs Tshark:

bash

  1. [root@dev ~]# yum whatprovides *tshark*
  2. Loaded plugins: fastestmirror
  3. Loading mirror speeds from cached hostfile
  4.  * addons: mirror.cogentco.com
  5.  * base: mirrors.serveraxis.net
  6.  * epel: ftp.osuosl.org
  7.  * extras: mirrors.serveraxis.net
  8.  * rpmforge: apt.sw.be
  9.  * updates: hpc.arc.georgetown.edu
  10. addons/filelists                                                                                             |  196 B     00:00
  11. adobe-linux-i386/filelists                                                                                   | 141 kB     00:00
  12. base/filelists_db                                                                                            | 3.9 MB     00:03
  13. epel/filelists_db                                                                                            | 4.0 MB     00:03
  14. extras/filelists_db                                                                                          | 212 kB     00:00
  15. rpmforge/filelists                                                                                           | 3.9 MB     00:04
  16. updates/filelists_db                                                                                         | 2.6 MB     00:02
  17. wireshark-1.0.8-1.el5_3.1.x86_64 : Network traffic analyzer
  18. Repo        : base
  19. Matched from:
  20. Filename    : /usr/sbin/tshark
  21. Filename    : /usr/share/wireshark/tshark.html
  22. Filename    : /usr/share/man/man1/tshark.1.gz

Now we can see that the wireshark RPM package includes the tshark application and the tshark man page. Now all we need to do is install wireshark using yum as displayed below and the tshark command will also be installed.

Install The Wireshark RPM Package Using Yum For The Tshark Application:

bash

  1. [root@dev ~]# yum install wireshark
  2. Loaded plugins: fastestmirror
  3. Loading mirror speeds from cached hostfile
  4.  * addons: mirror.cogentco.com
  5.  * base: mirrors.serveraxis.net
  6.  * epel: ftp.osuosl.org
  7.  * extras: mirrors.serveraxis.net
  8.  * rpmforge: apt.sw.be
  9.  * updates: hpc.arc.georgetown.edu
  10. Setting up Install Process
  11. Resolving Dependencies
  12. --> Running transaction check
  13. ---> Package wireshark.x86_64 0:1.0.8-1.el5_3.1 set to be updated
  14. --> Processing Dependency: libsmi.so.2()(64bit) for package: wireshark
  15. --> Running transaction check
  16. ---> Package libsmi.x86_64 0:0.4.5-2.el5 set to be updated
  17. --> Finished Dependency Resolution
  18.  
  19. Dependencies Resolved
  20.  
  21. ====================================================================================================================================
  22.  Package                        Arch                        Version                                 Repository                 Size
  23. ====================================================================================================================================
  24. Installing:
  25.  wireshark                      x86_64                      1.0.8-1.el5_3.1                         base                       12 M
  26. Installing for dependencies:
  27.  libsmi                         x86_64                      0.4.5-2.el5                             base                      2.4 M
  28.  
  29. Transaction Summary
  30. ====================================================================================================================================
  31. Install      2 Package(s)
  32. Update       0 Package(s)
  33. Remove       0 Package(s)
  34.  
  35. Total download size: 14 M
  36. Is this ok [y/N]: y
  37. Downloading Packages:
  38. (1/2): libsmi-0.4.5-2.el5.x86_64.rpm                                                                         | 2.4 MB     00:02
  39. (2/2): wireshark-1.0.8-1.el5_3.1.x86_64.rpm                                                                  |  12 MB     00:10
  40. ------------------------------------------------------------------------------------------------------------------------------------
  41. Total                                                                                               1.2 MB/s |  14 MB     00:12
  42. Running rpm_check_debug
  43. Running Transaction Test
  44. Finished Transaction Test
  45. Transaction Test Succeeded
  46. Running Transaction
  47.   Installing     : libsmi                                                                                                       1/2
  48.   Installing     : wireshark                                                                                                    2/2
  49.  
  50. Installed:
  51.   wireshark.x86_64 0:1.0.8-1.el5_3.1
  52.  
  53. Dependency Installed:
  54.   libsmi.x86_64 0:0.4.5-2.el5
  55.  
  56. Complete!

When installing the wireshark RPM package it is possible there will be one or more dependencies such as libsmi above that will need to be installed as well. Wireshark is now installed and the below example shows that tshark also successfully installed.

Verify Tshark Version On CentOS Linux After Installing Wireshark:

bash

  1. [root@dev ~]# tshark -v
  2. TShark 1.0.8
  3.  
  4. Copyright 1998-2009 Gerald Combs <gerald@wireshark.org> and contributors.
  5. This is free software; see the source for copying conditions. There is NO
  6. warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  7.  
  8. Compiled with GLib 2.12.3, with libpcap 0.9.4, with libz 1.2.3, without POSIX
  9. capabilities, with libpcre 6.6, with SMI 0.4.5, without ADNS, without Lua, with
  10. GnuTLS 1.4.1, with Gcrypt 1.2.4, with MIT Kerberos.
  11.  
  12. Running on Linux 2.6.18-164.11.1.el5, with libpcap version 0.9.4.
  13.  
  14. Built using gcc 4.1.2 20080704 (Red Hat 4.1.2-44).

So to install tshark on CentOS Linux simply install Wireshark and any required dependencies using the Yum Package Manager.

Share