Wireshark-dev: Re: [Wireshark-dev] Wireshark GUI development and release guidelines

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 19 Oct 2010 13:39:36 -0700
On Oct 19, 2010, at 12:30 PM, Joe wrote:

> Please forgive the newbie but I am struggling to find some basic info on 
> adding extensions to the Wireshark GUI.  I see a lot of info on 
> Dissectors but almost nothing on extending the GUI menu options.  My 
> company has developed a product that can extend Wiresharks's filtering 
> capabilities and I would like to develop an "add-on" that allows control 
> of it directly from the Wireshark GUI through new menu options.

So what do you mean by "filtering"?  If this is an extension to the filtering mechanism for the Filter: box, if it's done as an extension to the filtering language, rather than something that requires new menu options, that would make it available not only for filtering the Wireshark display, but also for coloring the display and filtering packets in TShark.

> I cannot determine how it would be released if we did develop an 
> extension.  Do I understand the following correctly?
> 
> A.An extension can only be added through the "patch" process?

*Some* GUI extensions can be added through plugins (GUI options that add "tap listener" statistics, for example).

Some changes to Wireshark might require changes to the Wireshark code, if that's what you mean by "the patch process".

> B.It would be totally up to us to distribute instructions to patch, or 
> distribute a fully compiled release of our own?

Or you could send us the patch, so we can incorporate it into Wireshark.

NOTE: if you distribute a fully compiled release of your own, then, according to the terms of the GNU Public License, Version 2, which is the license under which Wireshark is released, anybody to whom you provide that fully compiled release:

	1) may make as many copies of that fully compiled release as they want, and use it on as many of their machines as they want;

	2) may give a copy away to anybody they want;

	3) may ask you for the source code that was used to generate that fully compiled release;

	4) may give away that source code to anybody they want;

so sending us the patch, so we can incorporate it into the standard Wireshark release, might make more sense for you.