Wireshark插件开发指南.docVIP

Wireshark Plug-in development guide 本文背景： 在网络程序的编写过程中，你有可能需要定义某种数据协议；而在测试过程中，需要分析收到或发送的数据，这时候，你需要一个工具去捕获数据，解析数据。这就是Wireshark,但是，你需要编写插件完成这个工作。 本文目的： 插件开发的环境设置及开发过程。 本文内容： 1.????? Summary 2.????? Develop Environment Setup 2.1????????? Cygwin Installation 2.2????????? Wireshark Source Code Build. 3.????? Plug-in Implementation 3.1????????? Wireshark Architecture 3.2????????? Main Process of Plug-in Development 3.3????????? An Example - TSC Output Protocol Analyzer 4.????? Plug-in Deployment Use 4.1????????? Deployment 4.2????????? Use Plug-in 5.????? Appendix. 8 5.1????????? Compile Error Information Solution ? 1.???? Summary Wireshark is a tool for capturing data from network card interface and interpreting it through protocol dissectors. If you want to investigate the network data packaged in some protocol, which is sent by your applications, Wireshark can handle it very well. Currently there are hundreds of build-in dissectors, like TCP, UDP, SMTP, etc. However, if the protocol used in your application is not supported by Wireshark, a new plug-in must be implemented. This document provides details on Wireshark plug-in development, including three sections: Environment Setup, Plug-in Development and Plug-in Deployment Use. 2.???? Develop Environment Setup 2.1???? Cygwin Installation Cygwin is a Linux-like environment for Windows. If you want to build Wireshark in Windows, you need to install Cygwin as it will use some tools in Cygwin. Download Link /setup.exe Run the setup.exe, and you can choose to download the installer package or install on-line directly. During the installation, a dialog will show you all the available tools for installation. There are some tools required for building Wireshark source code successfully. Tools Needed to Select Archive/unzip Devel/bison Devel/flex Interpreters/perl Utils/patch Web/wget Check after Installation A shortcut on desktop will be created if installation successful. 2.2???? Wireshark Source Code Build Without Wireshar