path: root/admin/wireshark-dissectors/peers/README
------------------------------------------------------------------------
How to build wireshark with HAProxy Peers Protocol dissection support.
------------------------------------------------------------------------

Please note that at this time, HAProxy Peers Protocol dissection is not supported
on Windows systems (could not be tested).

1) File list
-------------
 - packet-happp.c: source code for HAProxy Peers Protocol (HAPPP) dissection
   support.
 - wireshark.happp.dissector.patch: a patch file for wireshark sources to enable HAPPP
   dissection support. Note that this patch file modifies only two files
   (epan/dissectors/CMakeLists.txt and epan/dissectors/Makefile.am) to add the
   packet-happp.c file to the DISSECTOR_SRC variable, which lists all wireshark
 - README: this file.

2a) To build wireshark with HAPPP dissection support
---------------------------------------------------
 - Download wireshark sources:
   $ git clone https://code.wireshark.org/review/wireshark
 - copy packet-happp.c file to epan/dissectors/ directory.
 - apply wireshark.happp.dissector.patch file to wireshark source directory.
 - build wireshark (see https://www.wireshark.org/docs/wsdg_html_chunked/):
   $ ./autogen.sh
   $ ./configure
   $ make

2b) Alternative: build the HAPPP dissector as a wireshark plugin
-----------------------------------------------------------------
If you don't want to build wireshark completely, you can build the dissector as
a plugin.

You will need the wireshark development package of your distribution, which is
"libwireshark-dev" for Debian-based distributions and "wireshark-dev" for
Red Hat-based ones.

$ make

Depending on your distribution, the compilation may fail with an error like
this:

  packet-happp.c:40:10: fatal error: ws_version.h: No such file or directory
                #include <ws_version.h>

In this case, try building the plugin with this OPTS variable:

$ OPTS=-DWITHOUT_WS_VERSION make

To install it in your home directory:

$ make install

The plugin will be installed in ~/.wireshark/plugins/ by default, but you can
change this path by setting the "plugins" variable. If that does not work, check
the paths in "Help > About Wireshark > Folders > Personal Plugins", which should
give you the right path to use.

In some distributions it will be in ~/.local/lib/wireshark/, so you will need to
install it this way:

$ make install plugins=~/.local/lib/wireshark/plugins/3.2/epan/

If you want to install it in the system directory, change the plugins variable
this way (the right path is also shown in the Folders window):

$ sudo make install plugins=/usr/lib64/wireshark/plugins/3.2/epan/

Be careful to use the right version number in the path.

3) Check if you have the dissector in wireshark
-----------------------------------------------
To verify that the protocol was loaded correctly by wireshark, open the
Supported Protocols window in "View > Internals > Supported Protocols" and look
for "HAPPP".

In the case of a plugin, you should see your plugin loaded in "Help > About
Wireshark > Plugins".
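
The same check can be done without the GUI, for example on a capture host with
only tshark installed. This is an added example, not part of the HAProxy or
wireshark sources. It assumes tshark is in PATH, that the protocol short name is
"HAPPP" as shown above, and that the plugin file name contains "happp" (an
assumption); the sample lines are constructed.

```shell
#!/bin/sh
# Reads `tshark -G protocols` output on stdin (tab-separated: protocol name,
# short name, filter name, ...). Succeeds if the short name HAPPP is listed.
happp_in_protocols() {
    awk -F '\t' 'toupper($2) == "HAPPP" { found = 1 } END { exit !found }'
}

# Reads `tshark -G plugins` output on stdin (tab-separated: plugin library,
# version, type, full path). Prints the path of any plugin whose library
# name contains "happp" (file name is an assumption, see above).
happp_plugin_path() {
    awk -F '\t' 'tolower($1) ~ /happp/ { print $4 }'
}

# Constructed sample output, used to try the parsers without tshark.
sample_protocols() {
    printf 'Hypertext Transfer Protocol\tHTTP\thttp\n'
    printf 'HAProxy Peers Protocol\tHAPPP\thappp\n'
}
sample_plugins() {
    printf 'happp.so\t0.0.1\tdissector\t/home/user/.local/lib/wireshark/plugins/3.2/epan/happp.so\n'
}

# Runs both checks against the installed tshark. A built-in dissector
# (section 2a) is registered but has no plugin path; a plugin (section 2b)
# has both. Returns non-zero if the dissector is not registered at all.
check_happp() {
    if tshark -G protocols | happp_in_protocols; then
        echo "HAPPP dissector registered"
    else
        echo "HAPPP dissector not found" >&2
        return 1
    fi
    path=$(tshark -G plugins | happp_plugin_path)
    if [ -n "$path" ]; then
        echo "loaded as plugin from: $path"
    fi
    return 0
}
```

Source the file and call check_happp after "make install". A plugin path under
an unexpected directory means the wrong plugins= value or version number was
used.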