Add wireshark dissector code.

PRRT Dissector for Wireshark

============================

Installation

------------

* Download Wireshark Source Code: https://www.wireshark.org/

    apt-get install qt-sdk libgtk-3-dev libpcap-dev

    tar xvjf wireshark-1.10.2.tar.bz2

    ./configure

* Copy `packet-prrt.c` to `epan/dissectors`.

* Add a line `packet-prrt.c \` in `DISSECTOR_SRC` of `epan/dissectors/Makefile.common`.

* Call make in the root folder. You can now start wireshark using `./wireshark`.

This tutorial will show you how to apply the dissector of PRRT in your wireshark.

What our PRRT dissector can do?

Our PRRT dissector can dissector the following PRRT packets: data, repeated data, redundancy, pre-sent redundancy, feedback and channel feedback. By now it can basically display the header info of PRRT packets. The sophistical display and advanced features will be supported later.

How to use it?

To use this dissector in the wireshark basically you need to perform the following steps:

0. Download the source code of wireshark and extract it.

1. Copy our dissector code (packet-prrt.c) to the directory epan/dissectors/ of the source code.

2. Add a line "packet-prrt.c \" in DISSECTOR_SRC of epan/dissectors/Makefile.common, so that we can compile our dissector code.

3. This step is optional and for advanced usage.

   If you want our dissector to call subdissectors for some purposes (e.g. using mp2t to parse the payload as MPEG TS.), you need to register the subdissector by adding the following _pattern_ line in the handoff function of the subdissector:

      heur_dissector_add("prrt", heuristic_dissect_method, protocol_id);

   e.g. add the line in the function proto_reg_handoff_mp2t() of packet-mp2t.c for parsing PRRT payload as MPEG TS.

      heur_dissector_add("prrt", heur_dissect_mp2t, proto_mp2t);

   NOTE : The subdissector called by PRRT dissector at the moment must support heuristic dissecting.

NOTE : By now we provide two dissector files respectively for two wireshark versions (1.4.6 and 1.6.1), because different version of wireshark provides different methods used in the dissector code. Even the dissector code for the version 1.4.6 is compatible with wireshark 1.6.1, we still recommand you use the dissector code for the version 1.6.1 and wireshark 1.6.1, since the later version of wireshark would not support the old method any more.

The following is fully commands under a specific scenario (see the prerequisite), you may follow, to install wireshark and apply our dissector code. For installation you can choose 1.a or 1.b depending on the version of wireshark you prefer to.

0. Prerequisite :

  + Linux OS : ubuntu 10.04 or later.

  + wireshark 1.4.6 or wireshark 1.6.1.

  + libgtk2.0-dev, bison, automake1.9 and libpcap. (Maybe more dependencies required.)

1.a Installation (wireshark 1.4.6)

  sudo apt-get source wireshark-dev

  sudo chown -R your_account:your_account wireshark-1.4.6/

  mkdir wireshark-installed

  svn co https://projects.nt.uni-saarland.de/svn/prrt-dissector

  cp prrt-dissector/wireshark-1.4.6/packet-prrt.c wireshark-1.4.6/epan/dissectors/

  cd wireshark-1.4.6

  ./configure --prefix=$PWD/../wireshark-installed/

  make -j 2

  make install

2.b Installation (wireshark 1.6.1)

  download wireshark 1.6.1 from the www.wireshark.org

  tar -xjvf wireshark-1.6.1.tar.bz2

  mkdir wireshark-installed

  svn co https://projects.nt.uni-saarland.de/svn/prrt-dissector

  cp prrt-dissector/wireshark-1.6.1/packet-prrt.c wireshark-1.6.1/epan/dissectors/

  cd wireshark-1.6.1

  ./configure --prefix=$PWD/../wireshark-installed/

  make -j 2

  make install

3. Running the wireshark

  sudo ../wireshark-installed/bin/wireshark