Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

debian 10 maps to "Buster"

wireshark-common:buster is wireshark-common (2.6.20-0+deb10u1) which does not include sharkd (filelist)

The debian wireshark changelog shows that sharkd was added in Wireshark 3.0.7 and newer:

wireshark (3.0.7-1) unstable; urgency=medium

  [ Balint Reczey ]
  * Build-depend on libglib2.0-dev. This is needed for backports for example
    to Ubuntu 16.04 and earlier releases.
  * Ship sharkd in wireshark-common (Closes: #943403)
  * New upstream version 3.0.7
    - security fixes:
     - CMS dissector crash. (CVE-2019-19553)
  * Update symbols files

debian 11 (Bullseye) ships wireshark-common (3.4.4-1) which include sharkd (filelist)

But it looks like sharkd only supports tcp: sockets on Windows.
sharkd_daemon.c:

#ifdef _WIN32
/* for windows support TCP sockets */
# define SHARKD_TCP_SUPPORT
#else
/* for other system support only local sockets */
# define SHARKD_UNIX_SUPPORT
#endif

Windows:

C:\Development\wsbuild64\run\RelWithDebInfo>sharkd -a tcp:127.0.0.1:4446
Sharkd listening on: tcp:127.0.0.1:4446

The "Usage:" screen has an example based on the platform it's compiled for:

#ifdef SHARKD_UNIX_SUPPORT
    fprintf(output, "  - unix:/tmp/sharkd.sock - listen on unix file /tmp/sharkd.sock\n");
#endif
#ifdef SHARKD_TCP_SUPPORT
    fprintf(output, "  - tcp:127.0.0.1:4446 - listen on TCP port 4446\n");
#endif

Windows:

C:\Development\wsbuild64\run\RelWithDebInfo>sharkd -h

Usage: sharkd [<classic_options>|<gold_options>]

Classic (classic_options):
  [-|<socket>]

  <socket> examples:
  - tcp:127.0.0.1:4446 - listen on TCP port 4446

Gold (gold_options):

Linux:

admin1@ubuntu1:~/wireshark/build_3.5.x/run$ ./sharkd -h

Usage: sharkd [<classic_options>|<gold_options>]

Classic (classic_options):
  [-|<socket>]

  <socket> examples:
  - unix:/tmp/sharkd.sock - listen on unix file /tmp/sharkd.sock

Gold (gold_options):

debian 10 maps to "Buster"

wireshark-common:buster is wireshark-common (2.6.20-0+deb10u1) which does not include sharkd (filelist)

The debian wireshark changelog shows that sharkd was added in Wireshark 3.0.7 and newer:

wireshark (3.0.7-1) unstable; urgency=medium

  [ Balint Reczey ]
  * Build-depend on libglib2.0-dev. This is needed for backports for example
    to Ubuntu 16.04 and earlier releases.
  * Ship sharkd in wireshark-common (Closes: #943403)
  * New upstream version 3.0.7
    - security fixes:
     - CMS dissector crash. (CVE-2019-19553)
  * Update symbols files

debian 11 (Bullseye) ships wireshark-common (3.4.4-1) which include sharkd (filelist)

But it looks like sharkd only supports tcp: sockets on Windows.
sharkd_daemon.c:

#ifdef _WIN32
/* for windows support TCP sockets */
# define SHARKD_TCP_SUPPORT
#else
/* for other system support only local sockets */
# define SHARKD_UNIX_SUPPORT
#endif

Windows:

C:\Development\wsbuild64\run\RelWithDebInfo>sharkd -a tcp:127.0.0.1:4446
Sharkd listening on: tcp:127.0.0.1:4446

The "Usage:" screen has an example based on the platform it's compiled for:

#ifdef SHARKD_UNIX_SUPPORT
    fprintf(output, "  - unix:/tmp/sharkd.sock - listen on unix file /tmp/sharkd.sock\n");
#endif
#ifdef SHARKD_TCP_SUPPORT
    fprintf(output, "  - tcp:127.0.0.1:4446 - listen on TCP port 4446\n");
#endif

Windows:

C:\Development\wsbuild64\run\RelWithDebInfo>sharkd -h

Usage: sharkd [<classic_options>|<gold_options>]

Classic (classic_options):
  [-|<socket>]

  <socket> examples:
  - tcp:127.0.0.1:4446 - listen on TCP port 4446

Gold (gold_options):

Linux:

admin1@ubuntu1:~/wireshark/build_3.5.x/run$ ./sharkd -h

Usage: sharkd [<classic_options>|<gold_options>]

Classic (classic_options):
  [-|<socket>]

  <socket> examples:
  - unix:/tmp/sharkd.sock - listen on unix file /tmp/sharkd.sock

Gold (gold_options):


There is not a man page for sharkd.
Current documentation is on the wiki page and needs a blurb about platform support.