Wireshark Developer's Guide

Table of Contents

Preface
  1. Foreword
  2. Who should read this document?
  3. Acknowledgements
  4. About this document
  5. Where to get the latest copy of this document?
  6. Providing feedback about this document

Part I. Wireshark Build Environment

Chapter 1. Introduction
  1.1. Introduction
  1.2. What is Wireshark?
  1.3. Platforms Wireshark runs on
    1.3.1. Unix
    1.3.2. Linux
    1.3.3. Microsoft Windows
  1.4. Development and maintenance of Wireshark
    1.4.1. Programming language(s) used
    1.4.2. Open Source Software
  1.5. Releases and distributions
    1.5.1. Binary distributions
    1.5.2. Source code distributions
  1.6. Automated Builds (Buildbot)
    1.6.1. Advantages
    1.6.2. What does the Buildbot do?
  1.7. Reporting problems and getting help
    1.7.1. Website
    1.7.2. Wiki
    1.7.3. FAQ
    1.7.4. Other sources
    1.7.5. Mailing Lists
    1.7.6. Bug database (Bugzilla)
    1.7.7. Reporting Problems
    1.7.8. Reporting Crashes on UNIX/Linux platforms
    1.7.9. Reporting Crashes on Windows platforms

Chapter 2. Quick Setup
  2.1. UNIX: Installation
  2.2. Win32: Step-by-Step Guide
    2.2.1. Install Microsoft C compiler and Platform SDK
    2.2.2. Install Cygwin
    2.2.3. Install Python
    2.2.4. Install Subversion Client
      2.2.4.1. Subversion
      2.2.4.2. TortoiseSVN
    2.2.5. Install and Prepare Sources
    2.2.6. Prepare cmd.exe
    2.2.7. Verify installed tools
    2.2.8. Install Libraries
    2.2.9. Distclean Sources
    2.2.10. Build Wireshark
    2.2.11. Debug Environment Setup (XXX)
    2.2.12. Optional: Create User's and Developer's Guide
    2.2.13. Optional: Create a Wireshark Installer

Chapter 3. Work with the Wireshark sources
  3.1. Introduction
  3.2. The Wireshark Subversion repository
    3.2.1. The web interface to the Subversion repository
  3.3. Obtain the Wireshark sources
    3.3.1. Anonymous Subversion access
    3.3.2. Anonymous Subversion web interface
    3.3.3. Buildbot Snapshots
    3.3.4. Released sources
  3.4. Update the Wireshark sources
    3.4.1. ... with Anonymous Subversion access
    3.4.2. ... from zip files
  3.5. Build Wireshark
    3.5.1. Unix
    3.5.2. Win32 native
  3.6. Run generated Wireshark
  3.7. Debug your generated Wireshark
    3.7.1. Win32 native
  3.8. Make changes to the Wireshark sources
  3.9. Contribute your changes
    3.9.1. What is a diff file (a patch)?
    3.9.2. Generate a patch
      3.9.2.1. Using the svn command-line client
      3.9.2.2. Using the diff feature of the GUI Subversion clients
      3.9.2.3. Using the diff tool
    3.9.3. Some tips for a good patch
    3.9.4. Code Requirements
    3.9.5. Sending your patch for inclusion
  3.10. Apply a patch from someone else
    3.10.1. Using patch
    3.10.2. CVS diff (obsolete)
  3.11. Add a new file to the Subversion repository
  3.12. Binary packaging
    3.12.1. Debian: .deb packages
    3.12.2. Red Hat: .rpm packages
    3.12.3. Win32: NSIS .exe installer

Chapter 4. Tool Reference
  4.1. Introduction
  4.2. Win32: Cygwin
    4.2.1. Add/Update/Remove Cygwin Packages
  4.3. GNU compiler toolchain (UNIX or Win32 Cygwin)
    4.3.1. gcc (GNU compiler collection)
    4.3.2. gdb (GNU project debugger)
    4.3.3. ddd (GNU Data Display Debugger)
    4.3.4. make (GNU Make)
  4.4. Microsoft compiler toolchain (Win32 native)
    4.4.1. Toolchain Package Alternatives
    4.4.2. Legal issues with MSVC > V6?
    4.4.3. cl.exe (C Compiler)
    4.4.4. nmake.exe (Make)
    4.4.5. link.exe (Linker)
    4.4.6. C-Runtime "Redistributable" files
      4.4.6.1. msvcrt.dll - Version 6.0
      4.4.6.2. msvcr70.dll - Version 7.0 (2002)
      4.4.6.3. msvcr71.dll - Version 7.1 (2003)
      4.4.6.4. msvcr80.dll / vcredist_x86.exe - Version 8.0 (2005)
      4.4.6.5. msvcr90.dll - Version 9.0 (2008)
    4.4.7. Windows (Platform) SDK
    4.4.8. HTML Help
      4.4.8.1. HTML Help Compiler (hhc.exe)
      4.4.8.2. HTML Help Build Files (htmlhelp.c / htmlhelp.lib)
    4.4.9. Debugger
      4.4.9.1. Visual Studio integrated debugger
      4.4.9.2. Debugging Tools for Windows
  4.5. bash
    4.5.1. UNIX or Win32 Cygwin: GNU bash
    4.5.2. Win32 native: -
  4.6. python
    4.6.1. UNIX or Win32 Cygwin: python
    4.6.2. Win32 native: python
  4.7. perl
    4.7.1. UNIX or Win32 Cygwin: perl
    4.7.2. Win32 native: perl
  4.8. sed
    4.8.1. UNIX or Win32 Cygwin: sed
    4.8.2. Win32 native: sed
  4.9. yacc (bison)
    4.9.1. UNIX or Win32 Cygwin: bison
    4.9.2. Win32 native: bison
  4.10. flex
    4.10.1. UNIX or Win32 Cygwin: flex
    4.10.2. Win32 native: flex
  4.11. Subversion (SVN) client (optional)
    4.11.1. UNIX or Win32 Cygwin: svn
    4.11.2. Win32 native: svn
  4.12. Subversion (SVN) GUI client (optional)
    4.12.1. UNIX or Win32 Cygwin: rapidSVN, subcommander
    4.12.2. Win32 native: TortoiseSVN
  4.13. diff (optional)
    4.13.1. UNIX or Win32 Cygwin: GNU diff
    4.13.2. Win32 native: diff
  4.14. patch (optional)
    4.14.1. UNIX or Win32 Cygwin: patch
    4.14.2. Win32 native: patch
  4.15. Win32: GNU wget (optional)
  4.16. Win32: GNU unzip (optional)
  4.17. Win32: NSIS (optional)

Chapter 5. Library Reference
  5.1. Introduction
  5.2. Binary library formats
    5.2.1. Unix
    5.2.2. Win32: MSVC
    5.2.3. Win32: cygwin gcc
  5.3. Win32: Automated library download
    5.3.1. Initial download
    5.3.2. Update of a previous download
  5.4. GTK+ / GLib / GDK / Pango / ATK / GNU gettext / GNU libiconv
    5.4.1. Unix
    5.4.2. Win32 MSVC
  5.5. Net-SNMP (optional)
    5.5.1. Unix
    5.5.2. Win32 MSVC
  5.6. GNU adns (optional)
    5.6.1. Unix
    5.6.2. Win32 MSVC
  5.7. PCRE (optional)
    5.7.1. Unix
    5.7.2. Win32 MSVC
  5.8. zlib (optional)
    5.8.1. Unix
    5.8.2. Win32 MSVC
  5.9. libpcap/WinPcap (optional)
    5.9.1. Unix: libpcap
    5.9.2. Win32 MSVC: WinPcap
  5.10. GnuTLS (optional)
    5.10.1. Unix
    5.10.2. Win32 MSVC
  5.11. Gcrypt (optional)
    5.11.1. Unix
    5.11.2. Win32 MSVC
  5.12. Kerberos (optional)
    5.12.1. Unix
    5.12.2. Win32 MSVC
  5.13. LUA (optional)
    5.13.1. Unix
    5.13.2. Win32 MSVC
  5.14. PortAudio (optional)
    5.14.1. Unix
    5.14.2. Win32 MSVC
  5.15. Win32: GTK WIMP (optional) for GTK 2.x only

Part II. Wireshark Development (incomplete)

Chapter 6. How Wireshark Works
  6.1. Introduction
  6.2. Overview
  6.3. Capturing packets
  6.4. Capture Files
  6.5. Dissect packets

Chapter 7. Introduction
  7.1. Source overview
  7.2. Coding styleguides
  7.3. The GLib library

Chapter 8. Packet capturing
  8.1. How to add a new capture type to libpcap

Chapter 9. Packet dissection
  9.1. How it works
  9.2. Adding a basic dissector
    9.2.1. Setting up the dissector
    9.2.2. Dissecting the details of the protocol
    9.2.3. Improving the dissection information
  9.3. How to handle transformed data
  9.4. How to reassemble split packets
    9.4.1. How to reassemble split UDP packets
    9.4.2. How to reassemble split TCP Packets
  9.5. How to tap protocols
  9.6. How to produce protocol stats
  9.7. How to use conversations

Chapter 10. User Interface
  10.1. Introduction
  10.2. The GTK library
    10.2.1. GTK Version 1.x
    10.2.2. GTK Version 2.x
    10.2.3. Compatibility between 1.x and 2.x
    10.2.4. GTK resources on the web
  10.3. GUI Reference documents
  10.4. Adding/Extending Dialogs
  10.5. Widget naming
  10.6. Common GTK programming pitfalls
    10.6.1. Usage of gtk_widget_show() / gtk_widget_show_all()

Appendix A. This Document's License (GPL)

Size: 494 KB. Pages: 147. Language: English.