Commit 8a477c84 authored by Andreas Schmidt's avatar Andreas Schmidt

Add wireshark dissector code.

parent 3bc2234b
Pipeline #1907 failed with stages
in 1 minute and 19 seconds
PRRT Dissector for Wireshark
* Download Wireshark Source Code:
apt-get install qt-sdk libgtk-3-dev libpcap-dev
tar xvjf wireshark-1.10.2.tar.bz2
* Copy `packet-prrt.c` to `epan/dissectors`.
* Add a line `packet-prrt.c \` in `DISSECTOR_SRC` of `epan/dissectors/Makefile.common`.
* Call make in the root folder. You can now start wireshark using `./wireshark`.
This tutorial will show you how to apply the dissector of PRRT in your wireshark.
What our PRRT dissector can do?
Our PRRT dissector can dissector the following PRRT packets: data, repeated data, redundancy, pre-sent redundancy, feedback and channel feedback. By now it can basically display the header info of PRRT packets. The sophistical display and advanced features will be supported later.
How to use it?
To use this dissector in the wireshark basically you need to perform the following steps:
0. Download the source code of wireshark and extract it.
1. Copy our dissector code (packet-prrt.c) to the directory epan/dissectors/ of the source code.
2. Add a line "packet-prrt.c \" in DISSECTOR_SRC of epan/dissectors/Makefile.common, so that we can compile our dissector code.
3. This step is optional and for advanced usage.
If you want our dissector to call subdissectors for some purposes (e.g. using mp2t to parse the payload as MPEG TS.), you need to register the subdissector by adding the following _pattern_ line in the handoff function of the subdissector:
heur_dissector_add("prrt", heuristic_dissect_method, protocol_id);
e.g. add the line in the function proto_reg_handoff_mp2t() of packet-mp2t.c for parsing PRRT payload as MPEG TS.
heur_dissector_add("prrt", heur_dissect_mp2t, proto_mp2t);
NOTE : The subdissector called by PRRT dissector at the moment must support heuristic dissecting.
NOTE : By now we provide two dissector files respectively for two wireshark versions (1.4.6 and 1.6.1), because different version of wireshark provides different methods used in the dissector code. Even the dissector code for the version 1.4.6 is compatible with wireshark 1.6.1, we still recommand you use the dissector code for the version 1.6.1 and wireshark 1.6.1, since the later version of wireshark would not support the old method any more.
The following is fully commands under a specific scenario (see the prerequisite), you may follow, to install wireshark and apply our dissector code. For installation you can choose 1.a or 1.b depending on the version of wireshark you prefer to.
0. Prerequisite :
+ Linux OS : ubuntu 10.04 or later.
+ wireshark 1.4.6 or wireshark 1.6.1.
+ libgtk2.0-dev, bison, automake1.9 and libpcap. (Maybe more dependencies required.)
1.a Installation (wireshark 1.4.6)
sudo apt-get source wireshark-dev
sudo chown -R your_account:your_account wireshark-1.4.6/
mkdir wireshark-installed
svn co
cp prrt-dissector/wireshark-1.4.6/packet-prrt.c wireshark-1.4.6/epan/dissectors/
cd wireshark-1.4.6
./configure --prefix=$PWD/../wireshark-installed/
make -j 2
make install
2.b Installation (wireshark 1.6.1)
download wireshark 1.6.1 from the
tar -xjvf wireshark-1.6.1.tar.bz2
mkdir wireshark-installed
svn co
cp prrt-dissector/wireshark-1.6.1/packet-prrt.c wireshark-1.6.1/epan/dissectors/
cd wireshark-1.6.1
./configure --prefix=$PWD/../wireshark-installed/
make -j 2
make install
3. Running the wireshark
sudo ../wireshark-installed/bin/wireshark
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment