mobileinsight-core

Update ws_dissector to use Wireshark 2.4.x stable release APIs

Open zwyuan opened this issue 7 years ago • 8 comments

Right now I have cross-compiled a newest set of the Wireshark 2.4.1 and GLib 2.54.0 libraries for Android. To update to these libraries, the Wireshark APIs used by the ws_dissector also need to be updated accordingly. (Remember that the API used in the Wireshark 2.0.x stable release and the 2.4.x stable release changed a bit.)

zwyuan avatar Nov 18 '17 23:11 zwyuan

@zwyuan I get segfault from libwiretap.so.7.0.2 when calling epan_init(). I am using Wireshark 2.4.2. It is similar to this question: https://stackoverflow.com/questions/46263024/getting-segmentation-fault-in-c-on-ubuntu-when-trying-to-run-function-from-so-l

moonsky219 avatar Nov 19 '17 02:11 moonsky219

@zwyuan I solved the segfault by calling wtap_init() before epan_init(). But after making some changes to make it compile successfully, the decoding is still not working: the frame_data doesn't use the lnk_t variable any more, which we used to indicate the encapsulation type in our previous implementation.

moonsky219 avatar Nov 19 '17 03:11 moonsky219

Oh, which libraries are you using? I haven't put the newly compiled libwiretap.so in the mobileInsight-libs repo yet…

zwyuan avatar Nov 19 '17 03:11 zwyuan

I don't mean the Android version. I am on Ubuntu and trying to make ws_dissector work with Wireshark 2.4.x. I find the update could take more effort than just changing function names or parameters.

moonsky219 avatar Nov 19 '17 03:11 moonsky219

I see. That's useful information to know. Thanks a lot.

zwyuan avatar Nov 19 '17 05:11 zwyuan

Hi @zwyuan, I created a new branch named update_ws_dissector which supports Wireshark-3.0.1. The install-ubuntu.sh is also updated accordingly, and it may need your efforts to update the install-macos.sh. One issue to notice: I find some parsing results are also updated, and this can easily break our analyzer code if not written carefully. For example, the lte_rrc_analyzer.py gets an exception caused by a change in lte-rrc.CarrierFreqUTRA_FDD_element: lte-rrc.q_RxLevMin ==> lte-rrc.utra_q_RxLevMin

moonsky219 avatar Apr 20 '19 20:04 moonsky219
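The field rename reported in the comment above, as an added example that is not part of the thread or of the project's code: a lookup that accepts either field name and fails with a descriptive error when neither is present. The PDML-style `<field name=… show=…>` layout, the helper names and the sample values are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

PARENT = "lte-rrc.CarrierFreqUTRA_FDD_element"
# Names from the thread: Wireshark 3.0.1 name first, pre-update name second.
Q_RXLEVMIN_NAMES = ("lte-rrc.utra_q_RxLevMin", "lte-rrc.q_RxLevMin")


class MissingField(LookupError):
    """Raised when a dissector update renamed or removed an expected field."""


def read_q_rxlevmin(xml_text):
    """Return [(matched_name, value)] for every UTRA FDD carrier element."""
    root = ET.fromstring(xml_text)
    results = []
    for elem in root.iter("field"):
        if elem.get("name") != PARENT:
            continue
        # Index the parent's descendants by name so each alias is one lookup.
        by_name = {f.get("name"): f for f in elem.iter("field")}
        for name in Q_RXLEVMIN_NAMES:
            if name in by_name:
                results.append((name, int(by_name[name].get("show"))))
                break
        else:
            # Name the fields actually present so a future rename is easy to spot.
            seen = sorted(n for n in by_name if n != PARENT)
            raise MissingField(
                f"none of {Q_RXLEVMIN_NAMES} under {PARENT}; saw {seen}")
    return results


def _sample(field_name):
    # Constructed dissector output; the values are made up.
    return (f'<packet><field name="{PARENT}">'
            '<field name="lte-rrc.carrierFreq" show="10700"/>'
            f'<field name="{field_name}" show="-58"/>'
            '</field></packet>')


OLD_XML = _sample("lte-rrc.q_RxLevMin")       # pre-update name
NEW_XML = _sample("lte-rrc.utra_q_RxLevMin")  # Wireshark 3.0.1 name
UNKNOWN_XML = _sample("lte-rrc.some_future_name")  # hypothetical later rename

if __name__ == "__main__":
    for label, xml in (("old", OLD_XML), ("new", NEW_XML)):
        print(label, read_q_rxlevmin(xml))
    try:
        read_q_rxlevmin(UNKNOWN_XML)
    except MissingField as exc:
        print("unknown:", exc)
```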

Great efforts Haotian! I can take a look and do updates on my side. And I agree that probably we should go through updates on the entire repo before merging this branch.

zwyuan avatar Apr 20 '19 21:04 zwyuan

Is there any update on this?

Awaisryk avatar Sep 25 '19 03:09 Awaisryk