Qt is a cross-platform application development framework. While we mainly use the core (QtCore) and user interface (QtWidgets) modules, it also supports a number of other modules for specialized application development, such as networking (QtNetwork) and web browsing (QtWebKit).
At the time of this writing (September 2016) most of the main Wireshark application has been ported to Qt. The sections below provide an overview of the application and tips for Qt development in our environment.
When creating or modifying Wireshark try to make sure that it will work well on Windows, macOS, and Linux. See Section 12.3, “Human Interface Reference Documents” for details. Additionally, try to keep the following in mind:
Workflow. Excessive navigation and gratuitous dialogs should be avoided or reduced. For example, compared to the legacy UI many alert dialogs have been replaced with status bar messages. Statistics dialogs are displayed immediately instead of requiring that options be specified.
Discoverability and feedback. Most users don’t like to read documentation and instead prefer to learn an application as they use it. Providing feedback increases your sense of control and awareness, and makes the application more enjoyable to use. Most of the Qt dialogs provide a “hint” area near the bottom which shows useful information. For example, the “Follow Stream” dialog shows the packet corresponding to the text under the mouse. The profile management dialog shows a clickable path to the current profile. The main welcome screen shows live interface traffic. Most dialogs have a context menu that shows keyboard shortcuts.
Qt Creator is a full-featured IDE and user interface editor. It makes adding new UI features much easier. It doesn’t work well on Windows at the present time, so it’s recommended that you use it on macOS or Linux.
To edit and build Wireshark using Qt Creator, open the top-level
CMakeLists.txt within Qt Creator. It should ask you to choose a build
location. Do so. It should then ask you to run CMake. Fill in any
desired build arguments (e.g.
-D CMAKE_BUILD_TYPE=Debug or
ENABLE_CCACHE=ON) and click the button. When that
completes select → and make
sure wireshark is selected.
Note that Qt Creator uses output created by CMake’s “CodeBlocks” generator. If you run CMake outside of Qt Creator you should use the “CodeBlocks - Unix Makefiles” generator, otherwise Qt Creator will prompt you to re-run CMake.
main entry point is in ui/qt/main.cpp. Command-line arguments
are processed there and the main application class (
instance is created there along with the main window.
The main window along with the rest of the application resides in ui/qt. Due to its size the main window code is split into two modules, main_window.cpp and main_window_slots.cpp.
Most of the modules in ui/qt are dialogs. Although we follow Qt naming conventions for class names, we follow our own conventions by separating file name components with underscores. For example, ColoringRulesDialog is defined in coloring_rules_dialog.cpp, coloring_rules_dialog.h, and coloring_rules_dialog.ui.
General-purpose dialogs are subclasses of
QDialog. Dialogs that rely on the
current capture file can subclass
WiresharkDialog, which provides methods and
members that make it easier to access the capture file and to keep the dialog
open when the capture file closes.
The code in ui/qt directory uses three APIs: Qt (which uses InterCapConvention), GLib (which uses underscore_convention), and the Wireshark API (which also uses underscore_convention). As a general rule Wireshark’s Qt code uses InterCapConvention for class names, interCapConvention for methods, and underscore_convention for variables, with a trailing_underscore_ for member variables.
Dialogs that work with capture file information shouldn’t close just because the
capture file closes. Subclassing
WiresharkDialog as described above can make
it easier to persist across capture files.
When you create a window with a row of standard “OK” and “Close” buttons at the bottom using Qt Creator you will end up with a subclass of QDialog. This is fine for traditional modal dialogs, but many times the “dialog” needs to behave like a QWindow instead.
Modal dialogs should be constructed with
QDialog(parent). Modeless dialogs
(windows) should be constructed with
QDialog(NULL, Qt::Window). Other
QDialog(parent, Qt::Window)) can lead to odd and
inconsistent behavior. Again, subclassing
WiresharkDialog will take care of
this for you.
Most of the dialogs in ui/qt share many similarities, including method names, widget names, and behavior. Most dialogs should have the following, although it’s not strictly required:
updateWidgets()method, which enables and disables widgets depending on the current state and constraints of the dialog. For example, the Coloring Rules dialog disables the Save button if the user has entered an invalid display filter.
hintLabel()widget subclassed from
ElidedLabel, placed just above the dialog button box. The hint label provides guidance and feedback to the user.
ctx_menu_) for additional actions not present in the button box.
If the dialog box contains a
QTreeWidget you might want to add your own
QTreeWidgetItem subclass with the following methods:
QVariant. Used for copying as CSV, YAML, etc.
Wireshark’s C code and GLib use UTF-8 encoded character arrays. Qt
(specifically QString) uses UTF-16. You can convert a
char * to a
QString using simple assignment. You can convert a
QString to a
const char * using
If you’re using GLib string functions or plain old C character array idioms in Qt-only code you’re probably doing something wrong, particularly if you’re manually allocating and releasing memory. QStrings are generally much safer and easier to use. They also make translations easier.
If you need to pass strings between Qt and GLib you can use a number of convenience routines which are defined in ui/qt/qt_ui_utils.h.
If you’re calling a function that returns wmem-allocated memory it might make more sense to add a wrapper function to qt_ui_utils than to call wmem_free in your code.
Sometimes we have to call C++ functions from one of Wireshark’s C callbacks and pass C++ objects to or from C. Tap listeners are a common example. The C++ FAQ link:http://www. parashift.com/c++-faq/mixing-c-and-cpp.html:[describes how to do this safely].
Tapping usually involves declaring static methods for callbacks, passing
as the tap data.
Qt provides a convenient method for translating text:
usually available as
However, please avoid using
tr() for static strings and define them in *.ui
tr() on manually created objects like
QMenu are not
automatically retranslated and must instead be manually translated using
retranslateUi(). See summary_dialog.[ch] for an example
If your object life is short and your components are (re)created
dynamically then it is ok to use
In most cases you should handle the changeEvent in order to catch
Qt makes translating the Wireshark UI into different languages easy. To add a new translation, do the following:
lupdate ui/qt -ts ui/qt/wireshark_XX.tsto generate/update your translation file.
Alternatively you can put your QM and flag files in the languages directory in the Wireshark user configuration directory ($XDG_CONFIG_HOME/wireshark/languages/ or $HOME/.wireshark/languages/ on UNIX).
For more information about Qt Linguist see its manual.
You can also manage translations online with Transifex.
Each week translations are automatically synchronized with the source code through the following steps:
Qt provides a number of colors via the QPalette class. Use this class when you need a standard color provided by the underlying operating system.
Wireshark uses an extended version of the
Tango Color Palette
for many interface elements that require custom colors. This includes the
I/O graphs, sequence diagrams, and RTP streams. Please use this palette
tango_colors.h and the ColorUtils class) if QPalette
doesn’t meet your needs.
The main window has many QActions which are shared with child widgets. See ui/qt/proto_tree.cpp for an example of this.
GammaRay lets you inspect the internals of a running Qt application similar to Spy++ on Windows.