| ------------------------------------------------------------------------ |
| How to build wireshark with HAProxy Peers Protocol dissection support. |
| ------------------------------------------------------------------------ |
| |
| Please note that at this time, HAProxy Peers Protocol dissection is not supported |
| on Windows systems (could not be tested). |
| |
| 1) File list |
| ------------- |
| - packet-happp.c: source code for HAProxy Peers Protocol (HAPPP) dissection |
| support. |
| - wireshark.happp.dissector.patch: a patch file for wireshark sources to enable HAPPP |
| dissection support. Note that this patch file modifies only two files: |
| (epan/dissectors/CMakeLists.txt and epan/dissectors/Makefile.am) to add |
| packet-happp.c file DISSECTOR_SRC variable which list all wireshark |
| - README: this file. |
| |
| 2a) To build wireshark with HAPPP dissection support |
| --------------------------------------------------- |
| - Download wireshark sources: |
| $ git clone https://code.wireshark.org/review/wireshark |
| - copy packet-happp.c file to epan/dissectors/ directory. |
| - apply wireshark.happp.dissector.patch file to wireshark source directory. |
| - build wireshark (see https://www.wireshark.org/docs/wsdg_html_chunked/): |
| $ ./autogen.sh |
| $ ./configure |
| $ make |
| |
| 2b) Alternative: build the HAPPP dissector as a wireshark plugin |
| ----------------------------------------------------------------- |
| If you don't want to build completely wireshark, you can build the dissector as |
| a plugin. |
| |
| You will need the development package of your distribution, which is |
| "libwireshark-dev" for debian based distribution and "wireshark-dev" for |
| redhat-based ones. |
| |
| $ make |
| |
| It is possible that depending on your distribution the compilation may fail |
| with such an error: |
| |
| packet-happp.c:40:10: fatal error: ws_version.h: No such file or directory |
| #include <ws_version.h> |
| |
| In this case try to build this plugins with this OPTS variable: |
| |
| $ OPTS=-DWITHOUT_WS_VERSION make |
| |
| To install it in your home directory: |
| |
| $ make install |
| |
| The plugin will be installed in ~/.wireshark/plugins/ by default, but you can |
| change this path by setting the "plugins" variable. If it didn't work, check |
| the paths in "Help > About Wireshark > Folders > Personal Plugins" which should |
| give you the right path to use. |
| |
| In some distribution it will be in ~/.local/lib/wireshark/ so you will need to |
| install it this way: |
| |
| $ make install plugins=~/.local/lib/wireshark/plugins/3.2/epan/ |
| |
| If you want to install it in the system directory you can do it this way, the |
| righ path is also in the Folder window. Change the plugins variable this way: |
| |
| $ sudo make install plugins=/usr/lib64/wireshark/plugins/3.2/epan/ |
| |
| Be careful to use the right version number in the path. |
| |
| 3) Check if you have the dissector in wireshark |
| ----------------------------------------------- |
| To verify if the protocol was well loaded by your wireshark, open the Supported |
| Protocols window in "View > Internals > Supported Protocols" and look for |
| "HAPPP". |
| |
| In the case of a plugin, you should see your plugin loaded in "Help > About |
| Wireshark > Plugins". |