2017-11-15 13:50:19 +00:00
|
|
|
------------------------------------------------------------------------
|
|
|
|
How to build wireshark with HAProxy Peers Protocol dissection support.
|
|
|
|
------------------------------------------------------------------------
|
|
|
|
|
|
|
|
Please note that at this time, HAProxy Peers Protocol dissection is not supported
|
|
|
|
on Windows systems (could not be tested).
|
|
|
|
|
|
|
|
1) File list
|
|
|
|
-------------
|
2018-11-10 03:00:24 +00:00
|
|
|
- packet-happp.c: source code for HAProxy Peers Protocol (HAPPP) dissection
|
2017-11-15 13:50:19 +00:00
|
|
|
support.
|
|
|
|
- wireshark.happp.dissector.patch: a patch file for wireshark sources to enable HAPPP
|
|
|
|
dissection support. Note that this patch file modifies only two files:
|
|
|
|
(epan/dissectors/CMakeLists.txt and epan/dissectors/Makefile.am) to add
|
|
|
|
packet-happp.c file DISSECTOR_SRC variable which list all wireshark
|
|
|
|
- README: this file.
|
|
|
|
|
2020-04-25 20:03:29 +00:00
|
|
|
2a) To build wireshark with HAPPP dissection support
|
2017-11-15 13:50:19 +00:00
|
|
|
---------------------------------------------------
|
|
|
|
- Download wireshark sources:
|
|
|
|
$ git clone https://code.wireshark.org/review/wireshark
|
|
|
|
- copy packet-happp.c file to epan/dissectors/ directory.
|
|
|
|
- apply wireshark.happp.dissector.patch file to wireshark source directory.
|
|
|
|
- build wireshark (see https://www.wireshark.org/docs/wsdg_html_chunked/):
|
|
|
|
$ ./autogen.sh
|
|
|
|
$ ./configure
|
|
|
|
$ make
|
2020-04-25 20:03:29 +00:00
|
|
|
|
|
|
|
2b) Alternative: build the HAPPP dissector as a wireshark plugin
|
|
|
|
-----------------------------------------------------------------
|
|
|
|
If you don't want to build completely wireshark, you can build the dissector as
|
|
|
|
a plugin.
|
|
|
|
|
|
|
|
You will need the development package of your distribution, which is
|
|
|
|
"libwireshark-dev" for debian based distribution and "wireshark-dev" for
|
|
|
|
redhat-based ones.
|
|
|
|
|
|
|
|
$ make
|
|
|
|
|
2021-01-19 13:33:24 +00:00
|
|
|
It is possible that depending on your distribution the compilation may fail
|
|
|
|
with such an error:
|
|
|
|
|
|
|
|
packet-happp.c:40:10: fatal error: ws_version.h: No such file or directory
|
|
|
|
#include <ws_version.h>
|
|
|
|
|
|
|
|
In this case try to build this plugins with this OPTS variable:
|
|
|
|
|
|
|
|
$ OPTS=-DWITHOUT_WS_VERSION make
|
|
|
|
|
2020-04-25 20:03:29 +00:00
|
|
|
To install it in your home directory:
|
|
|
|
|
|
|
|
$ make install
|
|
|
|
|
|
|
|
The plugin will be installed in ~/.wireshark/plugins/ by default, but you can
|
|
|
|
change this path by setting the "plugins" variable. If it didn't work, check
|
|
|
|
the paths in "Help > About Wireshark > Folders > Personal Plugins" which should
|
|
|
|
give you the right path to use.
|
|
|
|
|
|
|
|
In some distribution it will be in ~/.local/lib/wireshark/ so you will need to
|
|
|
|
install it this way:
|
|
|
|
|
|
|
|
$ make install plugins=~/.local/lib/wireshark/plugins/3.2/epan/
|
|
|
|
|
|
|
|
If you want to install it in the system directory you can do it this way, the
|
|
|
|
righ path is also in the Folder window. Change the plugins variable this way:
|
|
|
|
|
|
|
|
$ sudo make install plugins=/usr/lib64/wireshark/plugins/3.2/epan/
|
|
|
|
|
|
|
|
Be careful to use the right version number in the path.
|
|
|
|
|
|
|
|
3) Check if you have the dissector in wireshark
|
|
|
|
-----------------------------------------------
|
|
|
|
To verify if the protocol was well loaded by your wireshark, open the Supported
|
|
|
|
Protocols window in "View > Internals > Supported Protocols" and look for
|
|
|
|
"HAPPP".
|
|
|
|
|
|
|
|
In the case of a plugin, you should see your plugin loaded in "Help > About
|
|
|
|
Wireshark > Plugins".
|