WireSharkPage » History » Version 3

Anonymous, 04/22/2017 04:04 PM
Explain how to patch WireShark.

= Extending Wireshark =
The !WireShark packet sniffer normally doesn't support APCO P25. If you want to sniff P25 traffic using !WireShark then you'll need to patch the sources and rebuild it.
=== Downloading !WireShark ===
You first need to obtain the source code for !WireShark. Details of how to obtain source code for !WireShark release versions are available from the [http://www.wireshark.org/download.html downloads section of the WireShark web-site]. Most GNU/Linux distributions provide a source code package, so you should follow the appropriate procedure to download and install the sources.
=== Patching !WireShark ===
Once you've downloaded the wireshark source tree, check out the p25 plugin from op25:
{{{
% (cd wireshark/plugins && svn checkout http://www.sedition.org.au/svn/op25/trunk/wireshark/plugins/p25 p25)
}}}
This adds the necessary code to wireshark for it to decode APCO P25 messages. A few small changes also need to be made to the !WireShark tree outside of the plugins directory. The easiest way to do this is to apply the appropriate patch. This can be done as follows:
{{{
% svn export http://www.sedition.org.au/svn/op25/trunk/wireshark/patches/wireshark-1.0.2.patch
% (cd wireshark && patch -p1 < ../wireshark-1.0.2.patch)
}}}
Of course, it is inevitable that some GNU/Linux distributions use a !WireShark version for which we haven't provided a patch. Don't fret - the patch will probably work for your version, but if it fails to apply you may need to make the changes manually using the patch as a guide.
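
One way to find out whether the patch fits your version before anything is modified, as an added example that is not part of the original page or of op25: dry-run the patch and apply it only when every hunk matches, so the tree is never left half-patched. The sample trees, file names and patch are constructed, and `check_patch`, `apply_patch` and `make_sample` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not op25 code): dry-run a patch before touching the tree.

# check_patch TREE PATCHFILE: succeeds only if every hunk would apply.
check_patch() {
    # Resolve the patch path first, because patch runs inside TREE.
    pf=$(cd "$(dirname "$2")" && pwd)/$(basename "$2")
    # --dry-run changes no files; -f answers prompts so scripts never hang.
    (cd "$1" && patch -p1 -f --dry-run < "$pf") >/dev/null 2>&1
}

# apply_patch TREE PATCHFILE: patch for real only after a clean dry run.
apply_patch() {
    if check_patch "$1" "$2"; then
        pf=$(cd "$(dirname "$2")" && pwd)/$(basename "$2")
        (cd "$1" && patch -p1 -f < "$pf") >/dev/null
    else
        echo "patch does not apply cleanly to $1; tree left untouched" >&2
        return 1
    fi
}

# make_sample DIR: constructed stand-ins for a matching and a drifted tree.
make_sample() {
    mkdir -p "$1/good/epan" "$1/drifted/epan"
    printf 'alpha\nbeta\ngamma\n' > "$1/good/epan/sample.txt"
    printf 'alpha\nbeta changed upstream\ngamma\n' > "$1/drifted/epan/sample.txt"
    cat > "$1/sample.patch" <<'EOF'
--- a/epan/sample.txt
+++ b/epan/sample.txt
@@ -1,3 +1,3 @@
 alpha
-beta
+beta p25
 gamma
EOF
}

work=$(mktemp -d)
make_sample "$work"
for t in good drifted; do
    if apply_patch "$work/$t" "$work/sample.patch"; then
        echo "$t: patched"
    else
        echo "$t: needs manual merge"
    fi
done
rm -rf "$work"
```

For the real tree the equivalent call is `apply_patch wireshark wireshark-1.0.2.patch`, run from the directory that holds both.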
=== Building + Installing !WireShark ===
This is just the same as you'd expect. To compile !WireShark run the following command:
{{{
% (cd wireshark && ./configure && make clean && make)
}}}
If it compiles cleanly then you can install it as follows:
{{{
% (cd wireshark && sudo make install)
}}}