How to separate out tshark as a separate project?

asked 2019-08-27 05:59:06 +0000

vikrant

How to separate out tshark as a separate project from the available GitHub repo of Wireshark?

Which files do we need, and how do we build it?



Why would you want to do that? Building the project creates executables that make it possible to deploy tshark only.

Anders ( 2019-08-27 06:20:34 +0000 )

I want a very reduced-size version of the tshark binary. The goal is that it should parse only a limited set of protocols like enip/cip/profinet.

vikrant ( 2019-08-27 06:27:37 +0000 )

You are probably better off editing the list of dissectors then.

Anders ( 2019-08-27 06:54:00 +0000 )

Do you know how to configure things so that only the tshark (& dumpcap) binaries get created? (When I tried to execute tshark from a different location, it didn't execute and needed dumpcap. That means we have to build tshark & dumpcap, right?)

vikrant ( 2019-08-27 07:06:25 +0000 )

To control your build, feed the desired options to cmake to configure the makefiles to build what you want. If you want to change the dissector content, that is not directly supported. You'll have to go into the CMake files themselves, as commented before. You'll need tshark to dissect packets (on the CLI), and you'll need dumpcap if you want to capture packets.

Jaap ( 2019-08-27 10:21:50 +0000 )
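
One way to feed cmake the options described in the last comment so that only tshark and dumpcap are built, as an added example that is not part of the original thread. The `BUILD_*` option names are taken from Wireshark's `CMakeOptions.txt` and can differ between versions, so check them against your checkout; the function names and the source and build paths are assumptions. This does not change the dissector list.

```shell
#!/bin/sh
# Added example (not from the thread). BUILD_<tool> options are defined in
# Wireshark's CMakeOptions.txt; confirm the names against your source tree.
ALL_TOOLS="wireshark tshark dumpcap rawshark sharkd text2pcap mergecap
reordercap editcap capinfos captype randpkt dftest androiddump sshdump
ciscodump udpdump"

# Print one -DBUILD_<tool>=ON|OFF flag per line.
# Tools named as arguments stay ON; every other known tool is switched OFF,
# so binaries that are not needed are never built or shipped.
build_flags() {
    for tool in $ALL_TOOLS; do
        case " $* " in
            *" $tool "*) state=ON ;;
            *)           state=OFF ;;
        esac
        printf '%s\n' "-DBUILD_${tool}=${state}"
    done
}

# Configure and build only tshark and dumpcap.
# $1 = Wireshark source tree, $2 = build directory (both assumed paths).
# Runs in a subshell so the caller's working directory is left unchanged.
build_tshark_only() (
    src=$1
    build=$2
    mkdir -p "$build" && cd "$build" || exit 1
    # Word splitting of the flag list is intended here.
    # shellcheck disable=SC2046
    cmake $(build_flags tshark dumpcap) "$src" || exit 1
    cmake --build . --target tshark || exit 1
    cmake --build . --target dumpcap
)

# Usage (assumed paths):
#   build_tshark_only "$HOME/src/wireshark" "$HOME/build/tshark-only"
```
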