diff options
Diffstat (limited to '')
-rw-r--r-- | admin/wireshark-dissectors/peers/README | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/admin/wireshark-dissectors/peers/README b/admin/wireshark-dissectors/peers/README new file mode 100644 index 0000000..83b57d2 --- /dev/null +++ b/admin/wireshark-dissectors/peers/README @@ -0,0 +1,78 @@ +------------------------------------------------------------------------ +How to build wireshark with HAProxy Peers Protocol dissection support. +------------------------------------------------------------------------ + +Please note that at this time, HAProxy Peers Protocol dissection is not supported +on Windows systems (could not be tested). + +1) File list +------------- + - packet-happp.c: source code for HAProxy Peers Protocol (HAPPP) dissection + support. + - wireshark.happp.dissector.patch: a patch file for wireshark sources to enable HAPPP + dissection support. Note that this patch file modifies only two files: + (epan/dissectors/CMakeLists.txt and epan/dissectors/Makefile.am) to add + packet-happp.c file DISSECTOR_SRC variable which list all wireshark + - README: this file. + +2a) To build wireshark with HAPPP dissection support +--------------------------------------------------- + - Download wireshark sources: + $ git clone https://code.wireshark.org/review/wireshark + - copy packet-happp.c file to epan/dissectors/ directory. + - apply wireshark.happp.dissector.patch file to wireshark source directory. + - build wireshark (see https://www.wireshark.org/docs/wsdg_html_chunked/): + $ ./autogen.sh + $ ./configure + $ make + +2b) Alternative: build the HAPPP dissector as a wireshark plugin +----------------------------------------------------------------- +If you don't want to build completely wireshark, you can build the dissector as +a plugin. + +You will need the development package of your distribution, which is +"libwireshark-dev" for debian based distribution and "wireshark-dev" for +redhat-based ones. + +$ make + +It is possible that depending on your distribution the compilation may fail +with such an error: + + packet-happp.c:40:10: fatal error: ws_version.h: No such file or directory + #include <ws_version.h> + +In this case try to build this plugins with this OPTS variable: + +$ OPTS=-DWITHOUT_WS_VERSION make + +To install it in your home directory: + +$ make install + +The plugin will be installed in ~/.wireshark/plugins/ by default, but you can +change this path by setting the "plugins" variable. If it didn't work, check +the paths in "Help > About Wireshark > Folders > Personal Plugins" which should +give you the right path to use. + +In some distribution it will be in ~/.local/lib/wireshark/ so you will need to +install it this way: + +$ make install plugins=~/.local/lib/wireshark/plugins/3.2/epan/ + +If you want to install it in the system directory you can do it this way, the +righ path is also in the Folder window. Change the plugins variable this way: + +$ sudo make install plugins=/usr/lib64/wireshark/plugins/3.2/epan/ + +Be careful to use the right version number in the path. + +3) Check if you have the dissector in wireshark +----------------------------------------------- +To verify if the protocol was well loaded by your wireshark, open the Supported +Protocols window in "View > Internals > Supported Protocols" and look for +"HAPPP". + +In the case of a plugin, you should see your plugin loaded in "Help > About +Wireshark > Plugins". |