Wireshark-dev: [Wireshark-dev] wireshark-devel package - Was: [Wireshark-core] Working up to a
From: Joerg Mayer <[email protected]>
Date: Tue, 31 May 2011 00:02:11 +0200
[Moved this to wireshark-dev as it still does not belong onto

On Mon, May 30, 2011 at 04:18:31PM +0200, Balint Reczey wrote:
>> I still don't know how it works when we don't install header files,
>> network except have copy of wireshark .h files?
> On Debian we ship .h files in the wireshark-dev (libwireshark-dev,
> libwiretap-dev, libwsutil-dev in recent package versions).
> netexpect build-depends on those packages.

OK, as this seems to repeat every 6-8 months right now, let me repeat
my standard answer to this as well:
The library was never meant to be used outside Wireshark (well,
Ethereal). It was created to prevent us from linking the same code into
ethereal and tethereal. We do not have a proper API and looking at the
hoops people are jumping through to create a "devel" package is just
plain ugly: iff some people really feel they want to create a devel
package that is not endorsed by the majority of wireshark developers
then at least do it properly: create proper include files instead of
just adding more and more includes files of the normal dissctors etc.
Most likely this will need to be redone for each major release, but
that's what you get when you effectively create a fork (although for
packaging purposes only).

The only "stable" solution that I see is to create something like
ipcshark where the dissection is running as a service and other
processes just use this service by feeding it undissected traces
plus some specification on the dissectoin details and the output format
and receive the disscted stuff back in said format. Of course you
loose a bit of performance, but that is the only stable longtime
solution i see.

Joerg Mayer                                           <[email protected]>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.