Recently, a signaling-tracking feature was added to the next phase of our research project. In this era of open source, open-source tools are naturally the first choice, and we found Ethereal, a powerful network analysis toolkit. We will not only use Ethereal as it is, but also do secondary development on it, adding a new dissector or plugin so that it can decode our own application-layer protocols.
Another important reason for choosing Ethereal is that it already supports more than 300 protocols, which shows that the Ethereal framework is mature and that building on it is feasible. The final result may end up running on Solaris, but the Solaris server at home has no terminal display and cannot run graphics, so I decided to develop on Windows first and port to Solaris afterwards. Ethereal's graphical layer is built on GTK, a cross-platform GUI toolkit that hides the details of the underlying operating system, which makes porting our program to other OS platforms easy. Because of GTK, I feel my development plan is sound :). In addition, the code involved in writing a new dissector should itself be portable: Ethereal already provides the required interfaces, and we only have to call them. So I expect that once development succeeds on Windows, a recompile under Solaris should run correctly, though that may be a little too idealistic ^_^.
At present, the first step is to compile the Ethereal package on Windows. From Ethereal's developer guide and some information on the Internet, compiling Ethereal is not easy, because it depends on many open-source packages and some other tools (such as Cygwin). Although the automated build script that Ethereal provides will download the dependent packages by itself, most of the time the download fails. I tried both the company network and the home network and neither succeeded, so in desperation we had to download the packages by hand. The dependent open-source packages are listed in README.win32.
(1) First, we need a compiler. Generally VC6.0 is used to compile Ethereal on Windows. Remember to run vcvars32.bat after installing VC6.0 to set the environment variables; usually the VC installation wizard asks in its last step whether to set the environment variables, and you only need to agree.
(2) Second, compiling Ethereal requires the Cygwin tools. I already had Cygwin installed on my machine and have been using it to write small UNIX test programs on Windows. Because not every package was installed, I had to re-run Cygwin's setup.exe. To check which packages are missing from Cygwin, follow these steps:
1. Add Cygwin's bin directory to the PATH system environment variable;
2. In a Windows Command Prompt window, go into the Ethereal source directory, open the config.nmake file and set
ETHEREAL_LIBS=C:/ethereal-win32-libs
CYGWIN_PATH=C:/cygwin/bin
3. Run nmake -f Makefile.nmake verify_tools in the Windows Command Prompt window.
If a required tool is not installed, the command output tells us so. For example, after running the command the output was:
Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
Checking for required applications:
        cl: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/cl
        link: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/link
        nmake: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/nmake
        bash: /usr/bin/bash
        bison: /usr/bin/bison
ERROR: Can't find flex. This is probably an optional cygwin package not yet installed. Try to install it using cygwin's setup.exe!
NMAKE : fatal error U1077: 'bash' : return code '0x1'
Stop.
We can see that the flex package is not installed. Fortunately there is a good Cygwin package mirror, xmission, which is very fast. Whatever is missing, download it, then go to Cygwin's root directory '/' and run:
bzip2 -d xx.tar.bz2
tar xvf xx.tar
Repeat the preceding steps until verify_tools runs successfully.
When verify_tools succeeds, its output looks like this:
D:/ethereal-0.99.0> nmake -f Makefile.nmake verify_tools
Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
Checking for required applications:
        cl: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/cl
        link: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/link
        nmake: /cygdrive/D/Program Files/Microsoft Visual Studio/vc98/bin/nmake
        bash: /usr/bin/bash
        bison: /usr/bin/bison
        flex: /usr/bin/flex
        env: /usr/bin/env
        grep: /usr/bin/grep
        /usr/bin/find: /usr/bin/find
        perl: /usr/bin/perl
        env: /usr/bin/env
        python: /usr/bin/python
        sed: /usr/bin/sed
        unzip: /usr/bin/unzip
        wget: /usr/bin/wget
Here is a side episode. The verify_tools target is supposed to run under the bash shell from Cygwin. However, when I first ran verify_tools it kept complaining that 'which' could not be found. I checked Cygwin, and the 'which' package was obviously installed. Then I checked the PATH environment variable and found the clue: I had previously installed the 'UnxUtils' package, and it was the bash shell from that package that was being picked up to run verify_tools. Removing UnxUtils from PATH solved the problem.
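To make the verify_tools check and the PATH problem above concrete, here is an added POSIX sh example (not Ethereal's own Makefile.nmake verify_tools target) that reimplements the tool lookup with command -v and adds a check of whether the first copy of a tool found on PATH lives under the expected prefix, which is exactly what would have caught the UnxUtils bash shadowing Cygwin's /usr/bin/bash. The tool list in the usage call, the /usr/bin prefix and the function names are assumptions for the demonstration.

```shell
#!/bin/sh
# Added example, not Ethereal's Makefile.nmake verify_tools target:
# a portable sh reimplementation of the tool lookup plus a PATH sanity
# check for a tool that is found but resolves to a foreign copy (the
# UnxUtils bash case described in the post).

# Print, one per line, the names in "$@" that cannot be found on PATH.
missing_tools() {
    for tool in "$@"; do
        if ! command -v "$tool" >/dev/null 2>&1; then
            printf '%s\n' "$tool"
        fi
    done
}

# Report each tool with its resolved path in the same layout as
# verify_tools. Returns 0 when every tool resolves, 1 otherwise.
verify_tools() {
    status=0
    echo "Checking for required applications:"
    for tool in "$@"; do
        path=$(command -v "$tool" 2>/dev/null)
        if [ -n "$path" ]; then
            printf '        %s: %s\n' "$tool" "$path"
        else
            printf "ERROR: Can't find %s. This is probably an optional cygwin package not yet installed.\n" "$tool"
            status=1
        fi
    done
    return "$status"
}

# Returns 0 when the first copy of TOOL ($1) on PATH lives under PREFIX
# ($2; for Cygwin that is /usr/bin), 1 when it is missing or shadowed by
# a copy from somewhere else, which is how the UnxUtils bash got picked up.
first_on_path_is() {
    tool=$1
    prefix=$2
    path=$(command -v "$tool" 2>/dev/null) || return 1
    case "$path" in
        "$prefix"/*) return 0 ;;
        *)
            printf 'WARNING: %s resolves to %s, not under %s; check PATH order\n' \
                "$tool" "$path" "$prefix" >&2
            return 1 ;;
    esac
}

# Usage: the list is the one verify_tools checks in the post (assumed);
# cl, link and nmake will of course be missing outside a VC6 + Cygwin box.
verify_tools cl link nmake bash bison flex env grep find perl python sed unzip wget \
    || echo "Some required tools are missing; install them with setup.exe and re-run."
first_on_path_is bash /usr/bin || true
```

The shadowing check is the part the original verify_tools lacks: it would have reported bash as present while the copy being used came from UnxUtils, so a successful "found" line is not by itself proof that the right binary runs.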
(3) Next we need the pre-compiled packages that Ethereal depends on. README.win32 also lists these dependencies and the location where each package should be unpacked:
Required:
Package                        Location
---------------------------------------------------------------------------
glib-2.4.7.zip                 C:/ethereal-win32-libs/glib
glib-dev-2.4.7.zip             C:/ethereal-win32-libs/glib
gtk+-1.3.0-20030717.zip        C:/ethereal-win32-libs/gtk+
gtk+-dev-1.3.0-20030115.zip    C:/ethereal-win32-libs/gtk+
libiconv-1.9.1.bin.woe32.zip   C:/ethereal-win32-libs/libiconv-1.9.1.bin.woe32
gettext-runtime-0.13.1.zip     C:/ethereal-win32-libs/gettext-runtime-0.13.1
net-snmp-5.2.1.2.zip           C:/ethereal-win32-libs
WPdpack_3_0.zip                C:/ethereal-win32-libs
Optional:
Package                        Location
---------------------------------------------------------------------------
adns-1.0-win32-04.zip          C:/ethereal-win32-libs
pcre-4.4.zip                   C:/ethereal-win32-libs
zlib123-dll.zip                C:/ethereal-win32-libs/zlib123-dll
Download exactly the package versions listed wherever possible; otherwise problems are hard to track down. The one exception was net-snmp: I could not find 5.2.1.2 and used 5.2.3 instead, but all the other versions I was able to find online. For net-snmp I downloaded the source package; compile it first, and remember to build the release version.
(4) Last step: nmake -f Makefile.nmake all
Several problems came up during compilation:
1. The build was often interrupted, many times with a "can't open file 'unistd.h'" header error. When this happens, edit the source file that reports the error and change
#include <unistd.h>
to
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
and it will compile.
2. During compilation we also found that the lua5.1 package is required.
3. If you downloaded the GTK 1.x package, you are using the gtk+ directory and need to comment out the GTK2_DIR=$(ETHEREAL_LIBS)/gtk2 option in config.nmake. When I left that option in, the build never completed.
The compilation is very time-consuming, perhaps because of my slow CPU; it is a test of patience.
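For problem 1 above, the HAVE_UNISTD_H guard has to be applied to every source file that trips the error, so here is an added POSIX sh helper (not part of Ethereal's build system) that wraps each unguarded #include <unistd.h> in a file and leaves already-guarded includes alone, which makes it safe to re-run over a tree that was partly fixed by hand. The sample C file it patches is constructed for this example, and the awk patterns and function names are my own.

```shell
#!/bin/sh
# Added example, not part of Ethereal's build: wrap every unguarded
# '#include <unistd.h>' in a C source file with the HAVE_UNISTD_H guard
# the post describes, leaving already-guarded includes untouched.

# Print FILE ($1) to stdout with each bare '#include <unistd.h>' wrapped
# in '#ifdef HAVE_UNISTD_H' / '#endif'. An include whose previous line is
# already '#ifdef HAVE_UNISTD_H' is copied through unchanged, so running
# the function twice gives the same result.
guard_unistd_include() {
    awk '
        {
            if ($0 ~ /^[ \t]*#[ \t]*include[ \t]*<unistd\.h>/ &&
                prev !~ /^[ \t]*#[ \t]*ifdef[ \t]+HAVE_UNISTD_H/) {
                print "#ifdef HAVE_UNISTD_H"
                print $0
                print "#endif"
            } else {
                print $0
            }
            prev = $0
        }
    ' "$1"
}

# Print the number of unguarded '#include <unistd.h>' lines left in FILE ($1).
count_unguarded_unistd() {
    awk '
        $0 ~ /^[ \t]*#[ \t]*include[ \t]*<unistd\.h>/ &&
        prev !~ /^[ \t]*#[ \t]*ifdef[ \t]+HAVE_UNISTD_H/ { n++ }
        { prev = $0 }
        END { print n + 0 }
    ' "$1"
}

# Usage with a constructed sample file: one bare include and one that is
# already guarded. The patched copy is written next to the original.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#include <stdio.h>
#include <unistd.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
int main(void) { return 0; }
EOF
echo "unguarded before: $(count_unguarded_unistd "$sample")"            # 1
guard_unistd_include "$sample" > "$sample.patched"
echo "unguarded after:  $(count_unguarded_unistd "$sample.patched")"    # 0
rm -f "$sample" "$sample.patched"
```

To apply it to a real tree, loop over the files the compiler complains about, write each patched copy to a temporary name and move it over the original only after count_unguarded_unistd reports 0; the idempotence check in guard_unistd_include is what keeps a second pass from double-wrapping includes you already fixed manually.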
See more: http://bigwhite.blogbus.com/logs/4167864.html