Part II. Wireshark Development

The second part describes how the Wireshark sources are structured and how to change them, for example by adding a new dissector.

Table of Contents

6. Introduction
6.1. Source overview
6.2. Coding Style
6.3. The GLib library
7. How Wireshark Works
7.1. Introduction
7.2. Overview
7.3. Capturing packets
7.4. Capture Files
7.5. Dissect packets
8. Packet Capture
8.1. Adding A New Capture Type To Libpcap
8.2. Adding Capture Interfaces And Log Sources Using Extcap
8.2.1. Extcap Command Line Interface
8.2.2. Extcap Arguments
8.2.3. Toolbar Controls
9. Packet Dissection
9.1. How packet dissection works
9.2. Adding a basic dissector
9.2.1. Setting up the dissector
9.2.2. Dissecting the protocol’s details
9.2.3. Improving the dissection information
9.3. How to add an expert item
9.4. How to handle transformed data
9.5. How to reassemble split packets
9.5.1. How to reassemble split UDP packets
9.5.2. How to reassemble split TCP Packets
9.6. How to tap protocols
9.6.1. How to produce protocol statistics (stats)
9.6.2. How to follow protocol streams
9.7. How to use conversations
9.8. idl2wrs: Creating dissectors from CORBA IDL files
9.8.1. What is it?
9.8.2. Why do this?
9.8.3. How to use idl2wrs
9.8.4. TODO
9.8.5. Limitations
9.8.6. Notes
10. Wiretap
10.1. Background
10.2. Creating a new wiretap module
10.3. Additional notes on adding support for reading new capture formats
10.4. Adding support for writing capture formats
10.5. Adding support for a new encapsulation type
11. Lua Support in Wireshark
11.1. Introduction
11.2. Example: Creating a Menu with Lua
11.3. Example: Dissector written in Lua
11.4. Example: Listener written in Lua
11.5. Example: Lua scripts with shared modules
12. Wireshark’s Lua API Reference Manual
12.1. Utility Functions
12.1.1. Global Functions
12.2. GUI Support
12.2.1. ProgDlg
12.2.2. TextWindow
12.2.3. Global Functions
12.3. Functions For New Protocols And Dissectors
12.3.1. Dissector
12.3.2. DissectorTable
12.3.3. Pref
12.3.4. Prefs
12.3.5. Proto
12.3.6. ProtoExpert
12.3.7. ProtoField
12.3.8. Global Functions
12.4. Obtaining Dissection Data
12.4.1. Field
12.4.2. FieldInfo
12.4.3. Global Functions
12.5. Obtaining Packet Information
12.5.1. Address
12.5.2. Column
12.5.3. Columns
12.5.4. Conversation
12.5.5. NSTime
12.5.6. Pinfo
12.5.7. PrivateTable
12.6. Functions For Handling Packet Data
12.6.1. ByteArray
12.6.2. Tvb
12.6.3. TvbRange
12.7. Adding Information To The Dissection Tree
12.7.1. TreeItem
12.8. Post-Dissection Packet Analysis
12.8.1. Listener
12.9. Saving Capture Files
12.9.1. Dumper
12.9.2. PseudoHeader
12.10. Wtap Functions For Handling Capture File Types
12.10.1. Global Functions
12.11. Custom File Format Reading And Writing
12.11.1. CaptureInfo
12.11.2. CaptureInfoConst
12.11.3. File
12.11.4. FileHandler
12.11.5. FrameInfo
12.11.6. FrameInfoConst
12.11.7. Global Functions
12.12. Directory Handling Functions
12.12.1. Dir
12.12.2. Example
12.12.3. Example
12.13. Handling 64-bit Integers
12.13.1. Int64
12.13.2. UInt64
12.14. Binary encode/decode support
12.14.1. Struct
12.15. Gcrypt symmetric cipher functions
12.15.1. GcryptCipher
12.15.2. Global Functions
12.16. PCRE2 Regular Expressions
12.17. Bitwise Operations
13. User Interface
13.1. Introduction
13.2. The Qt Application Framework
13.2.1. User Experience Considerations
13.2.2. Qt Creator
13.2.3. Source Code Overview
13.2.4. Coding Practices and Naming Conventions
13.2.5. Other Issues and Information
13.3. Human Interface Reference Documents
14. Wireshark Tests
14.1. Quick Start
14.2. Test suite structure
14.2.1. Test Coverage And Availability
14.2.2. Suites, Cases, and Tests
14.2.3. pytest fixtures
14.3. Listing And Running Tests
14.4. Adding Or Modifying Tests
14.5. External Tests
14.5.1. Custom Fixtures
15. Creating ASN.1 Dissectors
15.1. About ASN.1
15.2. ASN.1 Dissector Requirements
15.2.1. Building An ASN.1-Based Plugin
15.3. Understanding Error Messages
15.4. Hand-Massaging The ASN.1 File
15.5. Command Line Syntax
15.6. Generated Files
15.7. Step By Step Instructions
15.8. Hints For Using Asn2wrs
15.8.1. ANY And Parameterized Types
15.8.2. Tagged Assignments
15.8.3. Untagged CHOICEs
15.8.4. Imported Module Name Conflicts
15.9. Simple ASN.1-Based Dissector
15.10. Conformance (.cnf) Files
15.10.1. Example .cnf File
15.10.2. Example packet-protocol-template.h File
15.10.3. Example packet-protocol-template.c File
15.11. Conformance File Directive Reference
15.11.1. #.END
15.11.2. #.EXPORTS
15.11.3. #.FN_BODY
15.11.4. #.MODULE_IMPORT, #.INCLUDE and #.IMPORT
15.11.5. #.MODULE_IMPORT
15.11.6. #.INCLUDE and #.IMPORT
15.11.7. #.NO_EMIT And #.USER_DEFINED
15.11.8. #.PDU and #.PDU_NEW
15.11.9. #.REGISTER and #.REGISTER_NEW
16. This Document’s License (GPL)