Wireshark Development
This is the development section of the Wireshark wiki.
Beginner?
If you are new to Wireshark development, please set up your build environment first:
- Get the source code from the Wireshark development webpage
- Windows: the Developer's Guide is currently invaluable for setting up a development environment in Microsoft Windows
- Unix-like: you may find information in the README.xxx file suitable for your target platform, in the root directory of the Wireshark sources
- Required Libraries and Packages: for essential and optional external dependencies on Unix and Windows, see the Library reference in the Wireshark Developer's Guide
Now it's time to tweak the code:
- doc/README.developer: the best manual about Wireshark dissector development so far. You will also find it in the documentation directory of the Wireshark sources. Please read and thoroughly understand all of the "Portability" and "Robustness" sections before writing any Wireshark code!
- ... of course you should have a look at the Wireshark sources themselves!
General
- Wireshark documentation webpage: the latest version of the Wireshark User's Guide and the Wireshark Developer's Guide in different formats (PDF, HTML, ...)
- LifeCycle: Life Cycle information on Wireshark releases
- Roadmap: Roadmap for upcoming Wireshark releases
- Wishlist: Wish list for internal features and architectural changes (as opposed to user-visible features WishList)
- SendingFilesToWireshark: Tips on sending files to the Wireshark mailing lists
- Translations: Why it's not a good idea to translate Wireshark into the Spanish/German/... language
- Contributions: User-created scripts, macros, colouring rules and other useful plugins
Development
General
- Creating Patches: Tips on creating patches before submitting them
- Submitting Patches: Introduction to using Git & GitLab to submit and review patches
- Secure Programming: How to write more secure code, e.g. replace insecure ANSI-C calls by more secure ones
- Common Problems: Some common problems while developing Wireshark
- Tips: Some selected wisdom to ease development/debugging
- Libpcap File Format: A libpcap file format description
- Canary: Finding and fixing memory over- and under-runs with canaries
- pyreshark: A Wireshark plugin providing a simple interface for writing dissectors in Python.
- Support library version tracking: A page for tracking what OS distributions came with what versions of various libraries with which Wireshark is built
- Windows Libraries: Describes how Windows libraries are built and the procedure for updating those.
- Binary Compatibility: Binary compatibility is never guaranteed between those releases ...
Character encodings
- Character encodings: Character encodings used in Wireshark and the systems on which Wireshark runs
- Platform string encoding: Dealing with non-UTF-8 strings other than strings in packets, such as file names and environment variables
Non-C dissectors
- Lua: Extending Wireshark with the extensible extension language
- Generic dissector (http://wsgd.free.fr/): display your data clearly inside Wireshark without any code
Projects
Design ideas
- Wiretap Pcapng: Changes to wiretap to support pcapng
- High Speed Capturing: High speed capturing improvements
- Decryption Block: Define a pcapng decryption block and use it to save decryption information in the file.
- Preference Block: Define a pcapng block to store the preference settings needed to view the file.
- Privacy Settings: Add privacy settings to determine what to put in a pcapng file.
- Reduce memory footprint: Ideas on how to find the memory hogs and reduce the memory usage
In progress
- Custom Columnfication: An ongoing project concerning predefined columns -> custom column migration
- Privilege Separation: A proposal to add privilege separation to Wireshark
- Mate: Meta Analysis and Tracing Engine
- Security: Efforts to make Wireshark more secure
- Packet Input: how to get packet data into Wireshark in some "unusual" ways
- String handling in dissectors: How string handling should work in Wireshark (i.e. encoding support, how to deal with invalid strings, etc.)
- Optimize PacketList: the packet list isn't optimized for the way we use it; optimizing it could make a huge difference for large capture files
- CSV Export: Formats and problems with exporting into the CSV format
- Multithreading: a list of what needs to be done in order to achieve it
- SNMP: reworking of OID handling and SNMP dissector
- Optimization: A patch for a faster but maybe slightly broken Wireshark
- Fast Filtering: A patch for fast interactive packet filtering
- Pcapng: Read/Write the "PCAP Next Generation Dump File Format" or pcapng
- Python: Extending Wireshark with Python
- SharkTools: A project that provides "matshark" and "pyshark", which integrate Wireshark's packet dissection engine into Matlab and Python.
Completed
- DropWin32GTK1: Thoughts about dropping GTK1 support on Win32
- Patch Handling: Changing patch handling policy
- Examples: Example files, which are used by the various installers as default files
- Replace Deprecated Gtk and GLib Function Usage: An ongoing project to replace use of deprecated GTK and GLib functions.
- Going GTK3: A project to prepare the Shark to migrate from GTK+ 2 to GTK+ 3
- QtShark: Qt based version of Wireshark.
- sharkd: A program that makes Wireshark capabilities available via a programmatic interface.
- Update: Check version and Update Wireshark on a frequent basis
Tools
- Asn2wrs: How to create a dissector using the ASN.1 compiler
- WiresharkEnvCmd: A batch script to set environment variables useful for Windows development on older 1.12.x or earlier versions
- Fuzz Testing: tools to stress test protocol dissectors
- Pidl: A Perl-based DCE/RPC IDL compiler (and Wireshark dissector generator) developed for Samba 4
- /CodeCoverage: check how much of your code is covered by the test cases
- /SourceMovie: generate a movie about code repository history
Discussion
Imported from https://wiki.wireshark.org/Development on 2020-08-11 23:12:38 UTC