[Ulf Lamping <ulf.lamping@xxxxxx>]

John T. Haller wrote:
> Hello all,
>
> My name is John T. Haller and I'm the lead developer behind 
> PortableApps.com.  We've repackaged many popular programs like 
> OpenOffice.org, Firefox, Thunderbird, PuTTY and more to be entirely 
> portable and run from an USB device you'd like (flash drive, iPod, 
> portable hard drive, etc).  There have been a few people asking for a 
> portable version of Wireshark to use in this setting.
>
> I noticed you'd posted a package for the proprietary/closed U3 platform. 
>   The goal of PortableApps.com is to be compatible with all drives, not 
> to lock people into drives from one manufacturer.  This is born out by 
> the download numbers as the portable apps see about 10x the downloads of 
> the  U3 apps.
>
> So, I was wondering if you'd consider working on a portable solution in 
> addition to (or instead of) the package for the niche U3 platform.  I'd 
> be happy to assist and contribute code to that end, of course.  And, it 
> would be easier for all the Wireshark developers and users to test since 
> you can run it from any existing hardware you have (or even from your 
> local hard drive).
>   
Hi John!

In fact I'm using some PortableApps already, so yes, I know your page - 
very nice work!

I would personally welcome a "PortableWireshark" version, and would be 
willing to spend some effort for it (unfortunately, currently my time is 
pretty limited).

BTW: We will probably not drop U3 support, unless there's a very good 
reason for it :-)
BTW(2): The main U3 advantage I still see is the way it's closing 
applications - which might be added easily to PortableApps as well.



There are the two tasks to make Wireshark a full "Portable App":


1)
make Wireshark itself "portable" - shouldn't be too difficult as 
Wireshark is cleanly programmed in this regard

The current U3 code leads to the places to look at. It's about finding 
some directories, e.g. where to find/save the users settings (usually at 
"c:\Documents and Settings\<username>\Application Data\Wireshark" or the 
corresponding international path). You might already have some solutions 
for this, as I guess this is a common problem for all portable apps.

Some background info:
- the Wireshark installer is already NSIS based
- Wireshark itself won't write to the registry (the installer will only 
write to the registry for file extension association which can be easily 
ommited)
- WS should be able to run with "ordinary" user privileges

=> Making Wireshark a ProtableApp shouldn't be too difficult.



2)
make WinPcap "portable" - I don't know a good way for this (might become 
pretty difficult)

WinPcap is the driver to capture live network data (for Wireshark and a 
lot of similiar tools). It seems that WinPcap must be installed in 
c:\winnt\system32 to work properly - at least I don't know a better way 
than this :-(

Unfortunatly, while WinPcap itself is open source, the WinPcap installer 
is closed source, so there's no easy way to get an idea how to do it 
from sample code.

This is how the U3 package handles this when the stick is plugged in:
- detect if WinPcap is already installed on the system
- if not, call the WinPcap setup.exe and install it on the system
- when the stick is going to be unplugged and WinPcap was installed by 
the U3 package, ask the user if he wants to uninstall WinPcap

=> This obviously isn't nice, but we don't know a better way. In 
addition, you'll need Administrative privileges to 
install/start/uninstall winPcap :-(


Wireshark will run without WinPcap, e.g to show previously captured 
data, but WinPcap is needed to capture any live network data.


-----------------------------

So what I would like to know for a start:

- how to distinguish if WS is running as a PA(U3 uses an environment 
setting)? Or is this done through a command line switch or such?
- we'll need an "Application Data/Wireshark" directory somewhere on the 
stick - is there a "portable app recommendation" for this?
- where do we get one of those fancy splash screens for Wireshark from? 
Might be derived from the current splash screen picture ;-)


Regards, ULFL

P.S.: Well, the page http://portableapps.com/development is a bit short 
;-) If it would be more comprehensive, I might have started this task 
already a lot earlier ...