How to compile tshark binary for arm64 architecture android devices
TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark’s native capture file format is pcap format.
Clone this repository from github into your home directory
$ cd ~
$ git clone https://github.com/hasanbulat/tshark.git
Prepare necessary package and tools
Run the following command to install compiling tools
$ cd tools
$ wget https://dl.google.com/android/repository/android-ndk-r10e-linux-x86_64.zip
$ unzip android-ndk-r10e-linux-x86_64.zip
Run “make-standalone-toolchain” script
$ cd ~/tshark
$ ./make-standalone-toolchain
aarch64-linux-android-4.9 standalone toolchain will be install in tools/android64-ndk-toolchain directory
Compile dependencies libraries
Run these following command to setup environments variables
$ source ~/tshark/set-env-glib.sh
Compile libiconv
$ cd source/libiconv-1.15
$ ./configure --build=${BUILD_SYS} --host=aarch64 --prefix=${PREFIX} --disable-rpath
$ make
$ make install
Compile libffi
$ cd ../libffi-3.2.1
$ ./configure --build=${BUILD_SYS} --host=aarch64 --prefix=${PREFIX} --enable-static
$ make
$ make install
Compile gettext
$ cd ../gettext-0.19.8
$ ./configure --build=${BUILD_SYS} --host=aarch64 --prefix=${PREFIX} --disable-rpath --disable-libasprintf --disable-java --disable-native-java --disable-openmp --disable-curses
$ make
$ make install
Compile Glib
$ cd ../glib-2.48.1
$ ./configure --build=${BUILD_SYS} --host=aarch64 --prefix=${PREFIX} --disable-dependency-tracking --cache-file=android.cache --enable-included-printf --enable-static --with-pcre=no
$ make
$ make install
Compile libpcap
$ cd ../libpcap-1.8.1
$ ./configure --build=${BUILD_SYS} --host=aarch64 --prefix=${PREFIX} --with-pcap=linux
$ make
$ make install
Compile tshark
Run the following commands
$ source ~/tshark/set-env-tshark.sh
$ cd ../wireshark-2.0.12
$ ./autogen.sh
$ ./conf-tshark
$ make
$ make install
All binaries and libraries will be install in “~/android64” directory
Testing
Copy “tshark” and “dumpcap” binaries in wireshark-2.0.12 directory to “/data” directory on your android devices then using adb to access android shell (root access required on android devices)
$ cd /data
$ ./tshark --version
if tshark working correctly, you will see output like this:
Running as user “root” and group “root”. This could be dangerous.
TShark (Wireshark) 2.0.12 (Git Rev Unknown from unknown)
Copyright 1998-2017 Gerald Combs gerald@wireshark.org and contributors.
License GPLv2+: GNU GPL version 2 or later http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, without POSIX capabilities, without libnl, with
libz 1.2.3, with GLib 2.48.1, without SMI, without c-ares, without ADNS, without
Lua, without GnuTLS, without Gcrypt, without Kerberos, without GeoIP.
Running on Linux 3.18.20-v01+, with locale C, with libpcap version 1.8.1, with
libz 1.2.8.
How to compile tshark binary for arm64 architecture android devices
TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file. TShark’s native capture file format is pcap format.
Clone this repository from github into your home directory
Prepare necessary package and tools
Run the following command to install compiling tools
Create “tools” directory in your home directory
Download and unzip NDK tools https://dl.google.com/android/repository/android-ndk-r10e-linux-x86_64.zip using command
Run “make-standalone-toolchain” script
aarch64-linux-android-4.9 standalone toolchain will be install in tools/android64-ndk-toolchain directory
Compile dependencies libraries
Run these following command to setup environments variables
Compile libiconv
Compile libffi
Compile gettext
Compile Glib
Compile libpcap
Compile tshark
Run the following commands
All binaries and libraries will be install in “~/android64” directory
Testing
Copy “tshark” and “dumpcap” binaries in wireshark-2.0.12 directory to “/data” directory on your android devices then using adb to access android shell (root access required on android devices)
$ cd /data$ ./tshark --versionif tshark working correctly, you will see output like this:
Running as user “root” and group “root”. This could be dangerous. TShark (Wireshark) 2.0.12 (Git Rev Unknown from unknown)
Copyright 1998-2017 Gerald Combs gerald@wireshark.org and contributors. License GPLv2+: GNU GPL version 2 or later http://www.gnu.org/licenses/old-licenses/gpl-2.0.html This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with libpcap, without POSIX capabilities, without libnl, with libz 1.2.3, with GLib 2.48.1, without SMI, without c-ares, without ADNS, without Lua, without GnuTLS, without Gcrypt, without Kerberos, without GeoIP.
Running on Linux 3.18.20-v01+, with locale C, with libpcap version 1.8.1, with libz 1.2.8.
Built using gcc 4.9 20140827 (prerelease).
References