一、WireShark 下载

官网下载地址：https://www.wireshark.org/

二、WireShark 安装

（1）双击运行安装程序

（2）Choose Components：选择组件

Choose which features of Wireshark 4.0.1 64-bit you want to install.

选择要安装的 Wireshark 4.0.1 64 位的需要的功能，默认全选即可

The following components are available for installation.

以下组件可供安装。

Select components to install:

选择要安装的组件：

Wireshark：The main network protocol analyzer application. 主要的网络协议分析器应用。
TShark：Text based network protocol analyzer. 基于文本的网络协议分析仪。
Plugins & Extensionslools：Plugins and extensions for both Wireshark and TShark. Wireshark 和 TShark 的插件和扩展。
Tools：Additional command line based tools. 其他基于命令行的工具。
Documentation：Install an offline copy of the User's Guide and FAQ. 安装 “用户指南” 和 “常见问题” 的脱机副本文献。

（3）Additional Tasks：附加任务

Create shortcuts and associate file extensions.

创建快捷方式并关联文件扩展名，默认全选即可

Create Shortcuts：创建快捷方式

Wireshark Start Menu Item：Wireshark开始菜单项
Wireshark Desktop Icon：Wireshark桌面图标
Wireshark Quick Launch Icon：Wireshark 快捷方式图标

Associate File Extensions：关联文件扩展

Associate trace file extensions with Wireshark

将跟踪文件扩展名与 Wireshark 关联起来

Extensions include 5vw, acp, apc, atc, bfr, cap, enc, erf , fdc, ipfix, Icap,
mplog, ntar, out, pcap, pcapng, pklg, pkt, rf5, snoop, syc, tpc, tr1, trace, trc,vwr, wpc, and wpz.

扩展包括 5vw, acp, apc, atc, bfr, cap, enc, erf , fdc, ipfix, Icap,
mplog, ntar, out, pcap, pcapng, pklg, pkt, rf5, snoop, syc, tpc, tr1, trace, trc,vwr, wpc, and wpz.

（4）Choose lnstall Location：选择安装位置

Choose the folder in which to install Wireshark 4.0.1 64-bit.

选择要安装Wireshark 4.0.1 64位的文件夹，需自定义安装路径

（5） Packet Capture：包捕获

Wireshark requires either Npcap or WinPcap to capture live network data.

Wireshark 需要 Npcap 或 WinPcap 来捕获实时网络数据，默认全选即可

Currently installed Npcap or WinPcap version

当前已安装的 Npcap 或 WinPcap 版本号

WinPcap 4.1.3

Install：安装
Install Npcap 1.71：安装 Npcap 1.71
The currently installed WinPcap 4.1.3 may be uninstalled first.

当前安装的 WinPcap4.1.3 可以先卸载。

Important notice：重要通知
lf your system has crashed during a Wireshark installation, you must run the command'net stop npcap' as Administrator before upgrading Npcap, so that it doesn't crash again

如果您的系统在 Wireshark 安装期间崩溃，则必须在升级 Npcapk 之前以管理员身份运行命令 ‘net Stop npcape’，这样它就不会再次崩溃

（6）USB Capture：USB 捕获

USBPcap is required to capture USB traffic. Should USBPcap be installed(experimental)?

要捕获 USB 流量，需要 USBPcap。是否应该安装 USBPcap (实验)？

注意：此处根据需要选择安装，这个插件还是测试版本的，本人选择安装

Currently installed USBPcap version

当前已安装的 USBPcap 版本号

USBPcap is currently not installed：当前未安装 USBPcap

Install：安装
Install USBPcap 1.5.4.0：安装 USBPcap 1.5.4.0
(Use Add/Remove Programs first to uninstall any undetected old USBPcap versions)

(首先使用添加/删除程序卸载任何未检测到的旧 USBPcap 版本)

Important notice：重要通知
In case of issue after installation, please use the system restore point created or readhttps://github.com/desowin/usbpcap/issues/3

如果安装后出现问题，请使用所创建的系统恢复点或浏览网址说明：

https://github.com/desowin/usbpcap/issues/3

（7）安装 Npcap

Installation Options:安装选项
Please review the following options before installing Npcap 1.71

在安装 Npcap1.71 之前，请检查以下选项，默认全选即可

Restrict Npcap driver's access to Administrators only:仅限制 Npcap 驱动程序访问管理员
Support raw 802.11 traffic (and monitor mode) for wireless adapters：支持无线适配器的原始 802.11 通信量(和监视模式)
Install Npcap in WinPcap API-compatible Mode (WinPcap will be uninstalled) ：在WinPcapAPI 兼容模式下安装 Npcap (将卸载 WinPcapd )