Skip to content

Files

Failed to load latest commit information.

Latest commit

 Cannot retrieve latest commit at this time.

History

History
 
 

wireshark

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
About the wireshark plugin
==========================

This directory contains a script, which generates a plugin for wireshark (http://www.wireshark.org/)
which adds support for the LizardFS protocol. This plugin is compiled into a .so shared library
to make it easily redistributable, because the build process is a bit complicated.

Ensure you have the following packages installed (for Ubuntu):
      apt-get install wireshark libpcap-dev libglib2.0-dev bison flex

If you want to be able to sniff interfaces without root privileges execute:
      sudo chmod +s /usr/bin/dumpcap
On Debian/Ubuntu system you should use dpkg-statoverride command, i.e.:
      sudo addgroup pcap
      sudo adduser ${USER} pcap
      sudo dpkg-statoverride --update --add root pcap 4750 /usr/bin/dumpcap

# Set some variables
      LIZARDFS_SRCDIR=~/src/lizardfs
      WIRESHARK_SRCDIR=~/src/wireshark
      WIRESHARK_VERSION=1.10.6 # Get version by invoking wireshark --version
# Checkout the wireshark sources, eg:
      git clone http://code.wireshark.org/git/wireshark "$WIRESHARK_SRCDIR"
# Checkout your version of wireshark
      ( cd "$WIRESHARK_SRCDIR" && git checkout wireshark-$WIRESHARK_VERSION )
# Copy contents of this directory to the wireshark source directory
      tar -C "$LIZARDFS_SRCDIR"/utils/wireshark -c . | tar -C "$WIRESHARK_SRCDIR" -vx
# Run the generate.sh script (provide path to the MFSCommunication file as an argument)
      "$WIRESHARK_SRCDIR"/plugins/lizardfs/generate.sh "$LIZARDFS_SRCDIR"/src/common/MFSCommunication.h
# Edit the main CMakeLists.txt file in the wireshark source tree to add the new plugin
      vim "$WIRESHARK_SRCDIR"/CMakeLists.txt
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -413,6 +413,7 @@ if(ENABLE_PLUGINS)
                plugins/ethercat
                plugins/gryphon
                plugins/irda
+               plugins/lizardfs
                plugins/m2m
                plugins/mate
                plugins/opcua
# Build the wireshark using cmake (you don't have to build the GUI)
      mkdir "$WIRESHARK_SRCDIR"/build
      cd "$WIRESHARK_SRCDIR"/build
      cmake .. -DCMAKE_BUILD_TYPE=Release -DBUILD_wireshark=NO
      make -j8
# Install the plugin, eg. on Debian-like distros:
      sudo ln -s "$WIRESHARK_SRCDIR"/build/lib/lizardfs.so /usr/lib/wireshark/libwireshark2/plugins/
# or (depending on your wireshark version)
      sudo ln -s "$WIRESHARK_SRCDIR"/build/lib/lizardfs.so /usr/lib/x86_64-linux-gnu/wireshark/libwireshark3/plugins/
# or better yet, put plugin in your home directory:
      mkdir -p ${HOME}/.wireshark/plugins
      mv "$WIRESHARK_SRCDIR"/build/lib/lizardfs.so ${HOME}/.wireshark/plugins/
# Enjoy! This plugin recognizes the LizardFS proocol using TCP port numbers. If you use
  non-standard ports (9419-9422) you have to change it in Edit->Preferences->Protocols->LizardFS,
  eg. to parse the communication in our test suite:
      LizardFS TCP Ports: 9419-9422,25000-25015