Wireshark Developer's Guide

33328 for Wireshark 1.4

Ulf Lamping


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 or any later version published by the Free Software Foundation.

All logos and trademarks in this document are property of their respective owner.


Table of Contents

Preface
1. Foreword
2. Who should read this document?
3. Acknowledgements
4. About this document
5. Where to get the latest copy of this document?
6. Providing feedback about this document
I. Wireshark Build Environment
1. Introduction
1.1. Introduction
1.2. What is Wireshark?
1.3. Platforms Wireshark runs on
1.3.1. Unix
1.3.2. Linux
1.3.3. Microsoft Windows
1.4. Development and maintenance of Wireshark
1.4.1. Programming language(s) used
1.4.2. Open Source Software
1.5. Releases and distributions
1.5.1. Binary distributions
1.5.2. Source code distributions
1.6. Automated Builds (Buildbot)
1.6.1. Advantages
1.6.2. What does the Buildbot do?
1.7. Reporting problems and getting help
1.7.1. Website
1.7.2. Wiki
1.7.3. FAQ
1.7.4. Other sources
1.7.5. Mailing Lists
1.7.6. Bug database (Bugzilla)
1.7.7. Reporting Problems
1.7.8. Reporting Crashes on UNIX/Linux platforms
1.7.9. Reporting Crashes on Windows platforms
2. Quick Setup
2.1. UNIX: Installation
2.2. Win32: Step-by-Step Guide
2.2.1. Install Microsoft C compiler and Platform SDK
2.2.2. Install Cygwin
2.2.3. Install Python
2.2.4. Install Subversion Client
2.2.5. Install and Prepare Sources
2.2.6. Prepare cmd.exe
2.2.7. Verify installed tools
2.2.8. Install Libraries
2.2.9. Distclean Sources
2.2.10. Build Wireshark
2.2.11. Debug Environment Setup (XXX)
2.2.12. Optional: Create User's and Developer's Guide
2.2.13. Optional: Create a Wireshark Installer
3. Work with the Wireshark sources
3.1. Introduction
3.2. The Wireshark Subversion repository
3.2.1. The web interface to the Subversion repository
3.3. Obtain the Wireshark sources
3.3.1. Anonymous Subversion access
3.3.2. Anonymous Subversion web interface
3.3.3. Buildbot Snapshots
3.3.4. Released sources
3.4. Update the Wireshark sources
3.4.1. ... with Anonymous Subversion access
3.4.2. ... from zip files
3.5. Build Wireshark
3.5.1. Unix
3.5.2. Win32 native
3.6. Run generated Wireshark
3.6.1. Unix/Linux
3.6.2. Win32 native
3.7. Debug your generated Wireshark
3.7.1. Unix/Linux
3.7.2. Win32 native
3.8. Make changes to the Wireshark sources
3.9. Contribute your changes
3.9.1. What is a diff file (a patch)?
3.9.2. Generate a patch
3.9.3. Some tips for a good patch
3.9.4. Code Requirements
3.9.5. Sending your patch for inclusion
3.10. Apply a patch from someone else
3.10.1. Using patch
3.10.2. CVS diff (obsolete)
3.11. Add a new file to the Subversion repository
3.12. Binary packaging
3.12.1. Debian: .deb packages
3.12.2. Red Hat: .rpm packages
3.12.3. MAC OS X: .dmg packages
3.12.4. Win32: NSIS .exe installer
4. Tool Reference
4.1. Introduction
4.2. Win32: Cygwin
4.2.1. Add/Update/Remove Cygwin Packages
4.3. GNU compiler toolchain (UNIX or Win32 Cygwin)
4.3.1. gcc (GNU compiler collection)
4.3.2. gdb (GNU project debugger)
4.3.3. ddd (GNU Data Display Debugger)
4.3.4. make (GNU Make)
4.4. Microsoft compiler toolchain (Win32 native)
4.4.1. Toolchain Package Alternatives
4.4.2. Legal issues with MSVC > V6?
4.4.3. cl.exe (C Compiler)
4.4.4. nmake.exe (Make)
4.4.5. link.exe (Linker)
4.4.6. C-Runtime "Redistributable" files
4.4.7. Windows (Platform) SDK
4.4.8. HTML Help
4.4.9. Debugger
4.5. bash
4.5.1. UNIX or Win32 Cygwin: GNU bash
4.5.2. Win32 native: -
4.6. python
4.6.1. UNIX or Win32 Cygwin: python
4.6.2. Win32 native: python
4.7. perl
4.7.1. UNIX or Win32 Cygwin: perl
4.7.2. Win32 native: perl
4.8. sed
4.8.1. UNIX or Win32 Cygwin: sed
4.8.2. Win32 native: sed
4.9. yacc (bison)
4.9.1. UNIX or Win32 Cygwin: bison
4.9.2. Win32 native: bison
4.10. flex
4.10.1. UNIX or Win32 Cygwin: flex
4.10.2. Win32 native: flex
4.11. Subversion (SVN) client (optional)
4.11.1. UNIX or Win32 Cygwin: svn
4.11.2. Win32 native: svn
4.12. Subversion (SVN) GUI client (optional)
4.12.1. UNIX or Win32 Cygwin: rapidSVN, subcommander
4.12.2. Win32 native: TortoiseSVN
4.13. diff (optional)
4.13.1. UNIX or Win32 Cygwin: GNU diff
4.13.2. Win32 native: diff
4.14. patch (optional)
4.14.1. UNIX or Win32 Cygwin: patch
4.14.2. Win32 native: patch
4.15. Win32: GNU wget (optional)
4.16. Win32: GNU unzip (optional)
4.17. Win32: NSIS (optional)
5. Library Reference
5.1. Introduction
5.2. Binary library formats
5.2.1. Unix
5.2.2. Win32: MSVC
5.2.3. Win32: cygwin gcc
5.3. Win32: Automated library download
5.3.1. Initial download
5.3.2. Update of a previous download
5.4. GTK+ / GLib / GDK / Pango / ATK / GNU gettext / GNU libiconv
5.4.1. Unix
5.4.2. Win32 MSVC
5.5. SMI (optional)
5.5.1. Unix
5.5.2. Win32 MSVC
5.6. c-ares (optional)
5.6.1. Unix
5.6.2. Win32 MSVC
5.7. GNU adns (optional)
5.7.1. Unix
5.7.2. Win32 MSVC
5.8. PCRE (optional)
5.8.1. Unix
5.8.2. Win32 MSVC
5.9. zlib (optional)
5.9.1. Unix
5.9.2. Win32 MSVC
5.10. libpcap/WinPcap (optional)
5.10.1. Unix: libpcap
5.10.2. Win32 MSVC: WinPcap
5.11. GnuTLS (optional)
5.11.1. Unix
5.11.2. Win32 MSVC
5.12. Gcrypt (optional)
5.12.1. Unix
5.12.2. Win32 MSVC
5.13. Kerberos (optional)
5.13.1. Unix
5.13.2. Win32 MSVC
5.14. LUA (optional)
5.14.1. Unix
5.14.2. Win32 MSVC
5.15. PortAudio (optional)
5.15.1. Unix
5.15.2. Win32 MSVC
5.16. GeoIP (optional)
5.16.1. Unix
5.16.2. Win32 MSVC
II. Wireshark Development (incomplete)
6. How Wireshark Works
6.1. Introduction
6.2. Overview
6.3. Capturing packets
6.4. Capture Files
6.5. Dissect packets
7. Introduction
7.1. Source overview
7.2. Coding styleguides
7.3. The GLib library
8. Packet capturing
8.1. How to add a new capture type to libpcap
9. Packet dissection
9.1. How it works
9.2. Adding a basic dissector
9.2.1. Setting up the dissector
9.2.2. Dissecting the details of the protocol
9.2.3. Improving the dissection information
9.3. How to handle transformed data
9.4. How to reassemble split packets
9.4.1. How to reassemble split UDP packets
9.4.2. How to reassemble split TCP Packets
9.5. How to tap protocols
9.6. How to produce protocol stats
9.7. How to use conversations
10. User Interface
10.1. Introduction
10.2. The GTK library
10.2.1. GTK Version 1.x
10.2.2. GTK Version 2.x
10.2.3. Compatibility GTK versions
10.2.4. GTK resources on the web
10.3. GUI Reference documents
10.4. Adding/Extending Dialogs
10.5. Widget naming
10.6. Common GTK programming pitfalls
10.6.1. Usage of gtk_widget_show() / gtk_widget_show_all()
A. This Document's License (GPL)

List of Figures

6.1. Wireshark function blocks.

List of Tables

3.1. Some useful diff options

List of Examples

9.1. Dissector Initialisation.
9.2. Dissector Handoff.
9.3. Dissection.
9.4. Plugin Packet Dissection.
9.5. Registering data structures.
9.6. Dissector data structure globals.
9.7. Dissector starting to dissect the packets.
9.8. Wrapping up the packet dissection.
9.9. Naming the packet types.
9.10. Adding Names to the protocol.
9.11. Adding Flags to the protocol.
9.12. Enhancing the display.
9.13. Decompressing data packets for dissection.
9.14. Reassembling fragments - Part 1
9.15. Reassembling fragments - Part 2
9.16. Reassembling fragments - Initialisation
9.17. Reassembling fragments - Data
9.18. Reassembling TCP fragments
9.19. Initialising a tap
9.20. Calling a protocol tap
9.21. Initialising a stats interface
9.22. Initialising a stats session
9.23. Generating the stats