Wireshark-dev: Re: [Wireshark-dev] Need help on Reassembly and building ethereal on windows.

From: "Anders Broman" <a.broman@xxxxxxxxx>
Date: Wed, 15 Nov 2006 08:02:39 +0100
Hi,
The TCP reassembly code has been re-written since 0.10.8,
especially addressing the problem you are seeing, I think.
The GTP dissector has also been updated.
As Jaap noted, use the latest SVN version.

On http://wiki.wireshark.org there are some instructions on how
to build with Cygwin.

BR
Anders

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On behalf of Jaap Keuter
Sent: 14 November 2006 21:16
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Need help on Reassembly and building ethereal on windows.

Hi,

Two remarks:
1. Why use such ancient source code?
2. Detailed development instructions can be found in the Developer Guide
   found on the website www.wireshark.org

Thanx,
Jaap

On Tue, 14 Nov 2006, Annie Misha wrote:

> Hi all,
>    We have added E-GCDR parsing support for the GTP' protocol into Ethereal.
> The code addition has been made in the file packet-gtp.c. We are facing two
> issues here.
>
>   1. Packet reassembly:
>    Our code works fine when we have a single GTP' PDU which starts at the
> beginning of the TCP segment and ends in the same segment.
>
>      When we have a PDU that is segmented and spans multiple TCP
> segments, the PDU is not assembled and parsed completely. The code parses
> only the first segment and gives a Malformed packet error. A GTP' PDU can
> begin anywhere in a TCP segment. There can be more than one GTP' PDU (Data
> record request) or only a portion of one in a single segment. But here, when
> a GTP PDU starts in the middle of the TCP segment, Ethereal does not
> recognize this. It would be a great help if you could throw some light on
> this and give your valuable suggestions to resolve the issue.
>
>
>   (We have tried using the tcp_dissect_pdus function, but this solves
> only one half of the issue. That is, on using this, if a GTP' request starts
> at the beginning of the TCP segment and spans one and a half segments, the
> code parses the complete request by combining the first and half of the
> second segment. However, it fails to identify the next GTP' request, which is
> present in the next half of the second segment.)
>
>   (Please note we have identified this issue by building an exe in Linux.)
>
> 2. Building Ethereal on Windows:
>   --------------------------------------------------
>       We are trying to build the Ethereal exe for Windows using Cygwin
> (including our code changes). When we execute the ./configure command for
> this, we get the following error:
>
> checking for GTK+ - version >= 2.0.0... no
> *** Could not run GTK+ test program, checking why...
> *** The test program failed to compile or link. See the file config.log for the
> *** exact error that occured. This usually means GTK+ is incorrectly installed.
> checking for pkg-config... (cached) /usr/bin/pkg-config
> checking for GLIB - version >= 2.0.0... yes (version 2.10.3)
> checking whether GLib supports loadable modules... yes
> checking for inttypes.h... (cached) yes
> checking whether inttypes.h defines the PRI[doxu]64 macros... yes
> checking for gethostbyname... yes
> checking for connect... yes
> checking whether to use libpcap for packet capture... yes
> checking for extraneous pcap header directories... not found
> checking pcap.h usability... no
> checking pcap.h presence... no
> checking for pcap.h... no
> configure: error: Header file pcap.h not found; if you installed libpcap
> from source, did you also do "make install-incl", and if you installed a
> binary package of libpcap, is there also a developer's package of libpcap,
> and did you also install that package?
>
>   Can someone please tell us what needs to be done here? It would be of
> great help if you could give us the exact procedure for building the exe for
> Windows. Do we have to set the PATH to any specific directory? Do we have to
> install any additional packages? If so, what are the additional packages to
> be installed? Your help in overcoming these bottlenecks will be very much
> appreciated. Thanks in advance.
>
>   Version used: ethereal-0.10.8-SVN-13012
>
>   Thanks,
>   Annie.D

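The framing problem described in the quoted message, as an added example that is not part of the thread and is not Wireshark code: a stand-alone C deframer that buffers TCP payload bytes and keeps looping until no complete PDU remains, so a PDU that ends mid-segment and the next PDU starting in the same segment are both found. The 6-byte header with a 16-bit big-endian payload length at offset 2, the 4096-byte cap, and the names `stream_t`, `feed` and `on_pdu` are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define HDR_LEN 6      /* assumed fixed header size */
#define LEN_OFF 2      /* assumed offset of the 16-bit big-endian payload length */
#define BUF_CAP 4096   /* constructed cap on bytes buffered per stream */

typedef struct {
    uint8_t  buf[BUF_CAP];
    size_t   used;     /* bytes carried over from earlier segments */
    unsigned pdus;     /* complete PDUs seen so far */
} stream_t;

/* Hypothetical per-PDU handler: a real dissector would parse the record here. */
static void on_pdu(stream_t *s, const uint8_t *pdu, size_t len)
{
    (void)pdu; (void)len;
    s->pdus++;
}

/* Feed one TCP segment payload. Returns the number of complete PDUs found in
 * this call, or -1 if the data will not fit (the caller should drop the stream). */
int feed(stream_t *s, const uint8_t *seg, size_t seg_len)
{
    int found = 0;
    size_t off = 0;

    if (seg_len > BUF_CAP - s->used)
        return -1;
    memcpy(s->buf + s->used, seg, seg_len);
    s->used += seg_len;

    /* Loop, not a single pass: one segment may finish a PDU and start the next. */
    while (s->used - off >= HDR_LEN) {
        const uint8_t *p = s->buf + off;
        size_t total = HDR_LEN + (((size_t)p[LEN_OFF] << 8) | p[LEN_OFF + 1]);
        if (total > BUF_CAP)
            return -1;           /* length field claims more than we will buffer */
        if (s->used - off < total)
            break;               /* PDU continues in a later segment */
        on_pdu(s, p, total);
        off += total;
        found++;
    }
    /* Keep the unfinished tail (possibly a partial header) for the next call. */
    memmove(s->buf, s->buf + off, s->used - off);
    s->used -= off;
    return found;
}
```

The length check before buffering matters because the length field comes from the wire: without it, a single header could make the reassembler wait for, and hold, far more data than any legitimate PDU needs.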