Wireshark-dev: Re: [Wireshark-dev] Wireshark Portable, running it from USB devices

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Wed, 07 Mar 2007 22:11:57 +0100
John T. Haller wrote:
> Hello all,
>
> My name is John T. Haller and I'm the lead developer behind PortableApps.com. We've repackaged many popular programs like OpenOffice.org, Firefox, Thunderbird, PuTTY and more to be entirely portable and run from any USB device you'd like (flash drive, iPod, portable hard drive, etc). There have been a few people asking for a portable version of Wireshark to use in this setting.
>
> I noticed you'd posted a package for the proprietary/closed U3 platform. The goal of PortableApps.com is to be compatible with all drives, not to lock people into drives from one manufacturer. This is borne out by the download numbers as the portable apps see about 10x the downloads of the U3 apps.
>
> So, I was wondering if you'd consider working on a portable solution in addition to (or instead of) the package for the niche U3 platform. I'd be happy to assist and contribute code to that end, of course. And, it would be easier for all the Wireshark developers and users to test since you can run it from any existing hardware you have (or even from your local hard drive).

Hi John!

In fact I'm using some PortableApps already, so yes, I know your page - very nice work!

I would personally welcome a "PortableWireshark" version, and would be willing to spend some effort for it (unfortunately, currently my time is pretty limited).

BTW: We will probably not drop U3 support, unless there's a very good reason for it :-)

BTW(2): The main U3 advantage I still see is the way it's closing applications - which might be added easily to PortableApps as well.



There are two tasks to make Wireshark a full "Portable App":

1) make Wireshark itself "portable" - shouldn't be too difficult as Wireshark is cleanly programmed in this regard

The current U3 code leads to the places to look at. It's about finding some directories, e.g. where to find/save the user's settings (usually at "c:\Documents and Settings\<username>\Application Data\Wireshark" or the corresponding international path). You might already have some solutions for this, as I guess this is a common problem for all portable apps.

Some background info:
- the Wireshark installer is already NSIS based
- Wireshark itself won't write to the registry (the installer will only write to the registry for file extension association which can be easily omitted)
- WS should be able to run with "ordinary" user privileges

=> Making Wireshark a PortableApp shouldn't be too difficult.

2) make WinPcap "portable" - I don't know a good way for this (might become pretty difficult)

WinPcap is the driver to capture live network data (for Wireshark and a lot of similar tools). It seems that WinPcap must be installed in c:\winnt\system32 to work properly - at least I don't know a better way than this :-(

Unfortunately, while WinPcap itself is open source, the WinPcap installer is closed source, so there's no easy way to get an idea how to do it from sample code.

This is how the U3 package handles this when the stick is plugged in:
- detect if WinPcap is already installed on the system
- if not, call the WinPcap setup.exe and install it on the system
- when the stick is going to be unplugged and WinPcap was installed by the U3 package, ask the user if he wants to uninstall WinPcap

=> This obviously isn't nice, but we don't know a better way. In addition, you'll need Administrative privileges to install/start/uninstall WinPcap :-(

Wireshark will run without WinPcap, e.g. to show previously captured data, but WinPcap is needed to capture any live network data.


-----------------------------

So what I would like to know for a start:

- how to distinguish if WS is running as a PA (U3 uses an environment setting)? Or is this done through a command line switch or such?
- we'll need an "Application Data/Wireshark" directory somewhere on the stick - is there a "portable app recommendation" for this?
- where do we get one of those fancy splash screens for Wireshark from? Might be derived from the current splash screen picture ;-)


Regards, ULFL

P.S.: Well, the page http://portableapps.com/development is a bit short ;-) If it would be more comprehensive, I might have started this task already a lot earlier ...
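
The WinPcap handling listed in the message above (detect, install if missing, offer removal on unplug only if the package installed it), sketched as an added example that is not part of the original post and not Wireshark's U3 code. All function and type names are hypothetical, and the fallback to offline use for a non-administrator is an assumption drawn from the message's remarks that installing needs Administrative privileges and that Wireshark runs without WinPcap.

```c
/* Added example, not Wireshark or U3 code. All names are hypothetical.
 * Detection, the admin check and the installer run are done by the caller
 * (assumption) and passed in as booleans, so the logic runs anywhere. */
#include <stdbool.h>
#include <stdio.h>

typedef enum { USE_EXISTING, INSTALL_WINPCAP, OFFLINE_ONLY } plug_action;
typedef enum { LEAVE_ALONE, ASK_UNINSTALL } unplug_action;

typedef struct {
    bool installed_by_us; /* true only after our own installer run succeeded */
} session_state;

/* Stick plugged in: decide what to do about the capture driver. */
plug_action on_plug(bool winpcap_present, bool is_admin, session_state *st)
{
    st->installed_by_us = false;
    if (winpcap_present)
        return USE_EXISTING;   /* host already has it: not ours to remove */
    if (!is_admin)
        return OFFLINE_ONLY;   /* cannot install; saved captures still open */
    return INSTALL_WINPCAP;    /* caller runs setup, then record_install() */
}

/* Record ownership only when the installer actually succeeded. */
void record_install(session_state *st, bool setup_ok)
{
    st->installed_by_us = setup_ok;
}

/* Stick about to be unplugged: offer removal only for our own install. */
unplug_action on_unplug(const session_state *st)
{
    return st->installed_by_us ? ASK_UNINSTALL : LEAVE_ALONE;
}

int main(void)
{
    session_state st;
    /* Constructed scenario: clean host, administrator, setup succeeds. */
    plug_action a = on_plug(false, true, &st);
    if (a == INSTALL_WINPCAP)
        record_install(&st, true);
    printf("plug=%d unplug=%d\n", a, on_unplug(&st));
    return 0;
}
```

Keeping the ownership flag separate from detection is what stops the package from offering to remove a WinPcap install that belonged to the host before the stick was plugged in.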