Recently we received some dissector plugins for Wireshark version 1.8.x, which is not available to install through the repositories.
So we had to install it ourselves, and we decided to use version 1.8.8, which was the latest version of the 1.8.x series available on the FedoraProject.org page listed below.
The source code is available at https://www.wireshark.org/download/src/all-versions/ and http://pkgs.fedoraproject.org/repo/pkgs/wireshark/.
Download the patched version here: [download id=”3443″]
Synopsis
While configuring, we ran into a few problems, which we solved by installing the following packages:
sudo dnf install perl-podlators perl-Pod-Html gtk2-devel gtk3-devel libpcap-devel byacc flex -y;
When compiling, we ran into an error where a Wireshark enum was conflicting with a system one.
To resolve that issue, we modified the file epan/dissectors/packet-gluster.h and, at line 357, removed the following enum:
/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};
It is safe to delete it because the same enumerators, with the same names and values, are already defined in the system header files (/usr/include/dirent.h in the compiler output further down).
Please note that in version 1.8.15 we found the following enum, which shows that it was decided later on to just rename the enum fields.
/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    GLUSTER_DT_UNKNOWN = 0,
    GLUSTER_DT_FIFO = 1,
    GLUSTER_DT_CHR = 2,
    GLUSTER_DT_DIR = 4,
    GLUSTER_DT_BLK = 6,
    GLUSTER_DT_REG = 8,
    GLUSTER_DT_LNK = 10,
    GLUSTER_DT_SOCK = 12,
    GLUSTER_DT_WHT = 14
};
Later during compilation, the link step failed with an undefined reference to g_memmove. We copied the definition of g_memmove (see below) from packaging/macosx/native-gtk/glibconfig.h at line 81 and pasted it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.
#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END
Finally, during documentation generation we had a problem with two authors whose names contain non-ASCII characters, so we updated the file AUTHORS and replaced the names Peter Kovář with Peter Kovar and Роман Донченко with Roman Donchenko, which are strings that only contain ASCII characters.
The Problems One by One
checking for pod2man... /usr/bin/pod2man
checking for pod2html... no
configure: error: I couldn't find pod2html; make sure it's installed and in your path
Solution: sudo dnf install perl-podlators perl-Pod-Html;
checking for GTK+ - version >= 2.12.0 and < 3.0... Package gtk+-2.0 was not found in the pkg-config search path.
Perhaps you should add the directory containing `gtk+-2.0.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gtk+-2.0' found
no
*** Could not run GTK+ test program, checking why...
*** The test program failed to compile or link. See the file config.log for the
*** exact error that occured. This usually means GTK+ is incorrectly installed.
configure: error: Neither Qt nor GTK+ 2.12 or later are available, so Wireshark can't be compiled
Solution: sudo dnf install gtk2-devel gtk3-devel;
checking for pcap-config... no
checking for extraneous pcap header directories... not found
checking pcap.h usability... no
checking pcap.h presence... no
checking for pcap.h... no
configure: error: Header file pcap.h not found; if you installed libpcap from source, did you also do "make install-incl", and if you installed a binary package of libpcap, is there also a developer's package of libpcap, and did you also install that package?
Solution: sudo dnf install libpcap-devel;
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I./../.. -I./.. -DINET6 -DG_DISABLE_DEPRECATED -DG_DISABLE_SINGLE_INCLUDES -DGSEAL_ENABLE -DGTK_DISABLE_DEPRECATED -DGTK_DISABLE_SINGLE_INCLUDES -D_FORTIFY_SOURCE=2 "-D_U_=__attribute__((unused))" -I/usr/local/include -DPLUGIN_DIR=\"/usr/local/lib/wireshark/plugins/1.8.8\" -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -MT libdissectors_la-packet-gluster_cli.lo -MD -MP -MF .deps/libdissectors_la-packet-gluster_cli.Tpo -c packet-gluster_cli.c -fPIC -DPIC -o .libs/libdissectors_la-packet-gluster_cli.o
In file included from /usr/include/glib-2.0/glib/gdir.h:32:0,
                 from /usr/include/glib-2.0/glib.h:45,
                 from packet-gluster_cli.c:40:
packet-gluster.h:359:2: error: redeclaration of enumerator 'DT_UNKNOWN'
  DT_UNKNOWN = 0,
  ^
/usr/include/dirent.h:99:5: note: previous definition of 'DT_UNKNOWN' was here
     DT_UNKNOWN = 0,
     ^~~~~~~~~~
packet-gluster.h:360:2: error: redeclaration of enumerator 'DT_FIFO'
  DT_FIFO = 1,
  ^
/usr/include/dirent.h:101:5: note: previous definition of 'DT_FIFO' was here
     DT_FIFO = 1,
     ^~~~~~~
packet-gluster.h:361:2: error: redeclaration of enumerator 'DT_CHR'
  DT_CHR = 2,
  ^
/usr/include/dirent.h:103:5: note: previous definition of 'DT_CHR' was here
     DT_CHR = 2,
     ^~~~~~
packet-gluster.h:362:2: error: redeclaration of enumerator 'DT_DIR'
  DT_DIR = 4,
  ^
/usr/include/dirent.h:105:5: note: previous definition of 'DT_DIR' was here
     DT_DIR = 4,
     ^~~~~~
packet-gluster.h:363:2: error: redeclaration of enumerator 'DT_BLK'
  DT_BLK = 6,
  ^
/usr/include/dirent.h:107:5: note: previous definition of 'DT_BLK' was here
     DT_BLK = 6,
     ^~~~~~
packet-gluster.h:364:2: error: redeclaration of enumerator 'DT_REG'
  DT_REG = 8,
  ^
/usr/include/dirent.h:109:5: note: previous definition of 'DT_REG' was here
     DT_REG = 8,
     ^~~~~~
packet-gluster.h:365:2: error: redeclaration of enumerator 'DT_LNK'
  DT_LNK = 10,
  ^
/usr/include/dirent.h:111:5: note: previous definition of 'DT_LNK' was here
     DT_LNK = 10,
     ^~~~~~
packet-gluster.h:366:2: error: redeclaration of enumerator 'DT_SOCK'
  DT_SOCK = 12,
  ^
/usr/include/dirent.h:113:5: note: previous definition of 'DT_SOCK' was here
     DT_SOCK = 12,
     ^~~~~~~
packet-gluster.h:367:2: error: redeclaration of enumerator 'DT_WHT'
  DT_WHT = 14
  ^
/usr/include/dirent.h:115:5: note: previous definition of 'DT_WHT' was here
     DT_WHT = 14
     ^~~~~~
Makefile:6516: recipe for target 'libdissectors_la-packet-gluster_cli.lo' failed
make[5]: *** [libdissectors_la-packet-gluster_cli.lo] Error 1
Solution: edit epan/dissectors/packet-gluster.h and at line 357 delete this:
/* dir-entry types from libglusterfs/src/compat.h */
enum gluster_entry_types {
    DT_UNKNOWN = 0,
    DT_FIFO = 1,
    DT_CHR = 2,
    DT_DIR = 4,
    DT_BLK = 6,
    DT_REG = 8,
    DT_LNK = 10,
    DT_SOCK = 12,
    DT_WHT = 14
};
libtool: link: gcc -DPYTHON_DIR= -g -O2 -Wall -W -Wextra -Wdeclaration-after-statement -Wendif-labels -Wpointer-arith -Wno-pointer-sign -Warray-bounds -Wcast-align -Wformat-security -Wold-style-definition -Wno-error=unused-but-set-variable -fexcess-precision=fast -pthread -I/usr/include/gtk-2.0 -I/usr/lib64/gtk-2.0/include -I/usr/include/pango-1.0 -I/usr/include/atk-1.0 -I/usr/include/cairo -I/usr/include/pixman-1 -I/usr/include/libdrm -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/libpng16 -I/usr/include/pango-1.0 -I/usr/include/harfbuzz -I/usr/include/pango-1.0 -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/freetype2 -I/usr/include/libpng16 -I/usr/include/freetype2 -I/usr/include/libpng16 -Wl,--as-needed -o .libs/wireshark wireshark-capture-pcap-util-unix.o wireshark-capture-pcap-util.o wireshark-cfile.o wireshark-clopts_common.o wireshark-disabled_protos.o wireshark-frame_data_sequence.o wireshark-packet-range.o wireshark-print.o wireshark-ps.o wireshark-sync_pipe_write.o wireshark-timestats.o wireshark-tap-megaco-common.o wireshark-tap-rtp-common.o wireshark-version_info.o wireshark-capture_ifinfo.o wireshark-capture_sync.o wireshark-capture_ui_utils.o wireshark-airpcap_loader.o wireshark-capture.o wireshark-capture_info.o wireshark-capture_opts.o wireshark-color_filters.o wireshark-file.o wireshark-fileset.o wireshark-filters.o wireshark-g711.o wireshark-merge.o wireshark-proto_hier_stats.o wireshark-recent.o wireshark-summary.o wireshark-tempfile.o wireshark-u3.o .libs/wiresharkS.o -pthread -Wl,--export-dynamic -pthread -Wl,--export-dynamic -L/usr/local/lib ui/gtk/libgtkui.a ui/gtk/libgtkui_dirty.a ui/libui.a codecs/libcodec.a wiretap/.libs/libwiretap.so epan/.libs/libwireshark.so wsutil/.libs/libwsutil.so -lpcap -lkrb5 -lk5crypto -lcom_err -lgtk-x11-2.0 -lgdk-x11-2.0 -lpangocairo-1.0 -latk-1.0 -lcairo -lgdk_pixbuf-2.0 -lgio-2.0 -lpangoft2-1.0 -lpango-1.0 -lgobject-2.0 -lfontconfig -lfreetype -lgthread-2.0 -lgmodule-2.0 -lglib-2.0 -lm -lz -pthread -Wl,-rpath -Wl,/usr/local/lib
ui/gtk/libgtkui.a(libgtkui_a-export_object_smb.o): In function `insert_chunk':
/home/george/Downloads/wireshark-1.8.8/ui/gtk/export_object_smb.c:230: undefined reference to `g_memmove'
collect2: error: ld returned 1 exit status
Solution: Copy the definition of g_memmove (see below) from packaging/macosx/native-gtk/glibconfig.h at line 81 and paste it on the first line of the files ui/gtk/export_object_smb.c and epan/dissectors/packet-ssl-utils.c.
#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END
Making all in doc
make[2]: Entering directory '/home/george/Downloads/wireshark-1.8.8/doc'
/usr/bin/perl ./perlnoutf.pl ./make-authors-short.pl < ../AUTHORS > AUTHORS-SHORT
cp AUTHORS-SHORT ..
/usr/bin/perl ./perlnoutf.pl ./make-authors-format.pl < AUTHORS-SHORT > AUTHORS-SHORT-FORMAT
cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man \
    --center="The Wireshark Network Analyzer" \
    --release=1.8.8 \
    wireshark.pod > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3527: Non-ASCII character seen before =encoding in 'KovE<aacute>ř'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.
and
cat ./wireshark.pod.template AUTHORS-SHORT-FORMAT > wireshark.pod
/usr/bin/pod2man \
    --center="The Wireshark Network Analyzer" \
    --release=1.8.8 \
    wireshark.pod > wireshark.1
Wide character in printf at /usr/share/perl5/vendor_perl/Pod/Simple.pm line 565.
wireshark.pod around line 3618: Non-ASCII character seen before =encoding in 'Роман'. Assuming UTF-8
POD document had syntax errors at /usr/bin/pod2man line 71.
Solution: update the file AUTHORS and replace the names Peter Kovář with Peter Kovar and Роман Донченко with Roman Donchenko, which are strings that only contain ASCII characters.
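The three source edits above, collected into one repeatable script. This is an added example, not part of the original post or of the Wireshark project. The names apply_fixes and make_sample_tree are hypothetical, the layout of the enum in the header is assumed from the line numbers in the compiler errors, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example: applies the three source edits from this page to an unpacked
# wireshark-1.8.8 tree. Every step is idempotent, so a second run is harmless.
# apply_fixes and make_sample_tree are hypothetical helper names.

GMEMMOVE='#define g_memmove(dest,src,len) G_STMT_START { memmove ((dest), (src), (len)); } G_STMT_END'

apply_fixes() {
    src=$1
    hdr="$src/epan/dissectors/packet-gluster.h"
    for f in "$hdr" "$src/AUTHORS" "$src/ui/gtk/export_object_smb.c" \
             "$src/epan/dissectors/packet-ssl-utils.c"; do
        [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    done

    # 1. Remove the enum that collides with <dirent.h>. Match on content rather
    #    than on line 357, and only when the unprefixed DT_UNKNOWN is present,
    #    so a tree that already uses GLUSTER_DT_* (1.8.15) is left alone.
    if grep -q '^[[:space:]]*DT_UNKNOWN' "$hdr"; then
        sed '/dir-entry types from libglusterfs/,/^};/d' "$hdr" > "$hdr.tmp" &&
            mv "$hdr.tmp" "$hdr" || return 1
    fi

    # 2. Put the g_memmove macro on the first line of the two files, once.
    for f in ui/gtk/export_object_smb.c epan/dissectors/packet-ssl-utils.c; do
        grep -q '^#define g_memmove' "$src/$f" && continue
        { printf '%s\n' "$GMEMMOVE"; cat "$src/$f"; } > "$src/$f.tmp" &&
            mv "$src/$f.tmp" "$src/$f" || return 1
    done

    # 3. Replace the two author names that pod2man rejected.
    sed -e 's/Peter Kovář/Peter Kovar/' -e 's/Роман Донченко/Roman Donchenko/' \
        "$src/AUTHORS" > "$src/AUTHORS.tmp" && mv "$src/AUTHORS.tmp" "$src/AUTHORS"
}

# Constructed miniature tree, just enough to exercise apply_fixes offline.
make_sample_tree() {
    mkdir -p "$1/epan/dissectors" "$1/ui/gtk"
    printf '%s\n' '#define KEEP 1' \
        '/* dir-entry types from libglusterfs/src/compat.h */' \
        'enum gluster_entry_types {' '  DT_UNKNOWN = 0,' '  DT_WHT = 14' '};' \
        '#define ALSO_KEEP 2' > "$1/epan/dissectors/packet-gluster.h"
    echo '#include <glib.h>' > "$1/ui/gtk/export_object_smb.c"
    echo '#include <glib.h>' > "$1/epan/dissectors/packet-ssl-utils.c"
    printf '%s\n' 'Peter Kovář <constructed@example.invalid>' 'Роман Донченко' > "$1/AUTHORS"
}

# Real use: sh fix-wireshark.sh /path/to/wireshark-1.8.8
if [ $# -gt 0 ]; then apply_fixes "$1"; fi
```

Run it against the unpacked source directory before ./configure; it leaves a tree that already has the GLUSTER_DT_* names or the g_memmove macro unchanged.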