Part II. Wireshark Development

The second part describes how the Wireshark sources are structured and how to change them, for example by adding a new dissector.

Table of Contents

6. Introduction
6.1. Source overview
6.2. Coding Style
6.3. The GLib library
7. How Wireshark Works
7.1. Introduction
7.2. Overview
7.3. Capturing packets
7.4. Capture Files
7.5. Dissect packets
8. Packet Capture
8.1. Adding A New Capture Type To Libpcap
8.2. Adding Capture Interfaces And Log Sources Using Extcap
8.2.1. Extcap Command Line Interface
8.2.2. Extcap Arguments
8.2.3. Toolbar Controls
9. Packet Dissection
9.1. How packet dissection works
9.2. Adding a basic dissector
9.2.1. Setting up the dissector
9.2.2. Dissecting the protocol’s details
9.2.3. Improving the dissection information
9.3. How to add an expert item
9.4. How to handle transformed data
9.5. How to reassemble split packets
9.5.1. How to reassemble split UDP packets
9.5.2. How to reassemble split TCP Packets
9.6. How to tap protocols
9.6.1. How to produce protocol statistics (stats)
9.6.2. How to follow protocol streams
9.7. How to use conversations
9.8. idl2wrs: Creating dissectors from CORBA IDL files
9.8.1. What is it?
9.8.2. Why do this?
9.8.3. How to use idl2wrs
9.8.4. TODO
9.8.5. Limitations
9.8.6. Notes
10. Wiretap
10.1. Background
10.2. Creating a new wiretap module
10.3. Additional notes on adding support for reading new capture formats
10.4. Adding support for writing capture formats
10.5. Adding support for a new encapsulation type
11. Plugins
11.1. Dissector plugins
11.2. The directory for the plugin, and its files
11.2.1. CMakeLists.txt
11.2.2. plugin.rc.in
11.3. Changes to existing Wireshark files
11.3.1. Custom extension
11.3.2. Permanent addition
11.4. Development and plugins on Unix
11.5. How to plugin related interface options
11.5.1. Implement a plugin GUI menu
11.5.2. Implement interactions with the main interface
11.5.3. Implement a plugin specific toolbar
12. Lua Support in Wireshark
12.1. Introduction
12.2. Example: Creating a Menu with Lua
12.3. Example: Dissector written in Lua
12.4. Example: Listener written in Lua
12.5. Example: Lua scripts with shared modules
13. Wireshark’s Lua API Reference Manual
13.1. Utility Functions
13.1.1. Global Functions
13.2. GUI Support
13.2.1. ProgDlg
13.2.2. TextWindow
13.2.3. Global Functions
13.3. Functions For New Protocols And Dissectors
13.3.1. Dissector
13.3.2. DissectorTable
13.3.3. Pref
13.3.4. Prefs
13.3.5. Proto
13.3.6. ProtoExpert
13.3.7. ProtoField
13.3.8. Global Functions
13.4. Obtaining Dissection Data
13.4.1. Field
13.4.2. FieldInfo
13.4.3. Global Functions
13.5. Obtaining Packet Information
13.5.1. Address
13.5.2. Column
13.5.3. Columns
13.5.4. Conversation
13.5.5. NSTime
13.5.6. Pinfo
13.5.7. PrivateTable
13.6. Functions For Handling Packet Data
13.6.1. ByteArray
13.6.2. Tvb
13.6.3. TvbRange
13.7. Adding Information To The Dissection Tree
13.7.1. TreeItem
13.8. Post-Dissection Packet Analysis
13.8.1. Listener
13.9. Saving Capture Files
13.9.1. Dumper
13.9.2. PseudoHeader
13.10. Wtap Functions For Handling Capture File Types
13.10.1. Global Functions
13.11. Custom File Format Reading And Writing
13.11.1. CaptureInfo
13.11.2. CaptureInfoConst
13.11.3. File
13.11.4. FileHandler
13.11.5. FrameInfo
13.11.6. FrameInfoConst
13.11.7. Global Functions
13.12. Directory Handling Functions
13.12.1. Dir
13.12.2. Example
13.12.3. Example
13.13. Handling 64-bit Integers
13.13.1. Int64
13.13.2. UInt64
13.14. Binary encode/decode support
13.14.1. Struct
13.15. Gcrypt symmetric cipher functions
13.15.1. GcryptCipher
13.15.2. Global Functions
13.16. PCRE2 Regular Expressions
13.17. Bitwise Operations
14. Lua Debugger
14.1. Introduction
14.2. Pause Behavior
14.2.1. Live-capture suppression
14.3. Getting Started
14.4. Toolbar
14.5. Variables
14.5.1. Changed-value cue
14.6. Watch
14.6.1. Controls and behavior
14.6.2. Path-watch syntax
14.6.3. Expression patterns
14.7. Stack Trace
14.8. Breakpoints
14.8.1. Break on Error
14.8.2. Conditions, hit counts, and logpoints
14.9. Files
14.10. Evaluate
14.11. Editor
14.11.1. Color theme
14.12. Architecture
14.13. Troubleshooting
15. User Interface
15.1. Introduction
15.2. The Qt Application Framework
15.2.1. User Experience Considerations
15.2.2. Qt Creator
15.2.3. Source Code Overview
15.2.4. Coding Practices and Naming Conventions
15.2.5. Other Issues and Information
15.3. Welcome Page Banner Slides
15.3.1. File Layout
15.3.2. JSON Schema
15.3.3. Configuration Section
15.3.4. Adding a New Default Slide
15.3.5. Custom Slides at Build Time
15.4. Human Interface Reference Documents
16. Wireshark Tests
16.1. Quick Start
16.2. Test suite structure
16.2.1. Test Coverage And Availability
16.2.2. Suites, Cases, and Tests
16.2.3. pytest fixtures
16.3. Listing And Running Tests
16.4. Adding Or Modifying Tests
16.5. External Tests
16.5.1. Custom Fixtures
17. Creating ASN.1 Dissectors
17.1. About ASN.1
17.2. ASN.1 Dissector Requirements
17.2.1. Building An ASN.1-Based Plugin
17.3. Understanding Error Messages
17.4. Hand-Massaging The ASN.1 File
17.5. Command Line Syntax
17.6. Generated Files
17.7. Step By Step Instructions
17.8. Hints For Using Asn2wrs
17.8.1. ANY And Parameterized Types
17.8.2. Tagged Assignments
17.8.3. Untagged CHOICEs
17.8.4. Imported Module Name Conflicts
17.9. Simple ASN.1-Based Dissector
17.10. Conformance (.cnf) Files
17.10.1. Example .cnf File
17.10.2. Example packet-protocol-template.h File
17.10.3. Example packet-protocol-template.c File
17.11. Conformance File Directive Reference
17.11.1. #.END
17.11.2. #.EXPORTS
17.11.3. #.FN_BODY
17.11.4. #.MODULE_IMPORT, #.INCLUDE and #.IMPORT
17.11.5. #.MODULE_IMPORT
17.11.6. #.INCLUDE and #.IMPORT
17.11.7. #.NO_EMIT And #.USER_DEFINED
17.11.8. #.PDU and #.PDU_NEW
17.11.9. #.REGISTER and #.REGISTER_NEW
18. This Document’s License (GPL)