Wireshark Development
This is the development section of the Wireshark wiki.
Beginner?
If you are new to Wireshark development, please set up your build environment first:
get the source code from the Wireshark development webpage
Win32: the Developer's Guide is currently invaluable for setting up a Win32 development environment
Unix-like: you may find information in the README.xxx file suitable for your target platform - in the root directory of the Wireshark sources
Required Libraries and Packages: for essential and optional external dependencies on Unix and Windows, see the Library reference in the Wireshark Developer's Guide
Now it's time to tweak the code:
doc/README.developer: the best manual about Wireshark dissector development so far; you will also find it in the documentation directory of the Wireshark sources. Please read and thoroughly understand all of the "Portability" and "Robustness" sections before writing any Wireshark code!
... of course you should have a look at the Wireshark sources themselves!
General
Wireshark documentation webpage: the latest version of the Wireshark User's Guide and the Wireshark Developer's Guide in different formats (PDF, HTML, ...)
/LifeCycle: Life Cycle information on Wireshark releases
/Roadmap: Roadmap for upcoming Wireshark releases
/Wishlist: Wish list for internal features and architectural changes (as opposed to user-visible features WishList)
SendingFilesToWireshark: Tips on sending files to the Wireshark mailing lists
/Translations: Why it's not a good idea to translate Wireshark into Spanish, German, or other languages
Development
CreatingPatches: Tips on creating patches before submitting them
/SubmittingPatches: Introduction to using Git & Gerrit to submit and review patches
/SecureProgramming: How to write more secure code, e.g. replacing insecure ANSI C calls with more secure ones
/CommonProblems: Some common problems while developing Wireshark
/Tips: Some selected wisdom to ease development/debugging
/FilenameEncoding: the various Unicode and code page encodings of filenames in GLib
Lua: Extending Wireshark with the extensible extension language
/LibpcapFileFormat: A libpcap file format description
/Canary: Finding and fixing memory over- and under-runs with canaries
Generic dissector (http://wsgd.free.fr/): display your data clearly inside Wireshark without any code
pyreshark: A Wireshark plugin providing a simple interface for writing dissectors in Python.
/Support_library_version_tracking: A page for tracking which OS distributions came with which versions of the various libraries Wireshark is built with
/WindowsLibs: Describes how Windows libraries are built and the procedure for updating them.
/StringHandling: How string handling should work in Wireshark (i.e. encoding support, how to deal with invalid strings, etc.)
Projects
Design ideas
WiretapPcapng: Changes to wiretap to support pcapng
HighSpeedCapturing: High speed capturing improvements
DecryptionBlock: Define a pcapng decryption block and use it to save decryption information in the file.
PrefBlock: Define a pcapng block to store the preference settings needed to view the file.
PrivacySettings: Add privacy settings to determine what to put in a pcapng file.
Reduce memory footprint: Ideas on how to find the memory hogs and reduce the memory usage
In progress
/CustomColumnfication An ongoing project concerning predefined columns -> custom column migration
/PrivilegeSeparation: A proposal to add privilege separation to Wireshark
Mate: Meta Analysis and Tracing Engine
/Security: Efforts to make Wireshark more secure
/ExpertInfo: a better "user display" of network misbehaviour
/PacketInput: how to get packet data into Wireshark in some "unusual" ways
/OptimizePacketList: the packet list isn't optimized for the way we use it, could make a huge difference for large capture files
/CSVExport: Formats and problems with exporting into the CSV format
/multithreading: a list of what needs to be done in order to achieve it
/SNMP: reworking of OID handling and SNMP dissector
/Optimization: A patch for a faster but maybe slightly broken Wireshark
/FastFiltering: A patch for fast packet filtering interactively
/PcapNg: Read/Write the "PCAP Next Generation Dump File Format" or pcapng
Python: Extending Wireshark with Python
SharkTools: A project that provides "matshark" and "pyshark", which integrate Wireshark's packet dissection engine into Matlab and Python.
Completed
/DropWin32GTK1: Thoughts about dropping GTK1 support on Win32
/PatchHandling: Changing patch handling policy
/Examples: Example files, which are used by the various installers as default files
ReplaceDeprecatedGtkGLibFunctionUsage: An ongoing project to replace use of deprecated GTK and GLib functions.
GoingGTK3: A project to prepare the Shark to migrate from GTK+ 2 to GTK+ 3
/QtShark: Qt based version of Wireshark.
/Update: Check version and Update Wireshark on a frequent basis
Tools
Asn2wrs: How to create a dissector using the ASN.1 compiler
/WiresharkEnvCmd: A batch script to set environment variables useful for Windows development on older 1.12.x or earlier versions
FuzzTesting: tools to stress test protocol dissectors
Pidl: A perl-based DCE/RPC IDL compiler (and Wireshark dissector generator) developed for Samba 4
/CodeCoverage: check how much of your code is covered by the test cases
/SourceMovie: generate a movie about code repository history