Custom plugin not showing for wireshark group user but showing for non-wireshark group user

asked 2018-06-12 02:00:25 +0000

MSK

Hello,

I have built a new dissector and added plugins on Wireshark version 2.6.1 running on Ubuntu 17. When I run Wireshark for my username, which has been added to the wireshark group, I don't see my plugin under Analyze -> Enabled Protocols and hence not in Help -> About Wireshark -> Plugins.

It seems that Wireshark is not dissecting the plugin. However, if I start Wireshark outside of the wireshark group, the plugin shows up, but I need to be able to see the plugins for the user in the wireshark group so that I can capture the packets.

Please advise, as I am not sure why the plugin does not show up at all for the wireshark group user.


Comments

Exactly how did you add the plugin to Wireshark? Did you put it in the file system, in /usr or /home? Did you roll a deb and install that? How do you run Wireshark, with what command line?

Jaap ( 2018-06-12 05:55:38 +0000 )

The plugin was added using the readme.plugin documentation. I put it in the plugins/epan folder, as done for the gryphon plugin. My Wireshark is stored in the home folder and I run it using su -l user_name -c/usr/bin/wireshark.

What do you mean by deb?

MSK ( 2018-06-12 06:00:49 +0000 )

To install Wireshark I downloaded the tar file and installed it in my home folder.

MSK ( 2018-06-12 06:09:53 +0000 )

OK, so from the description I understand that you're building from source, from a tarball you've downloaded from the Wireshark website. That's good. Following the readme.plugin documentation is also good. Once the build is done, do you do an install, and if so where to? I am puzzled by the command you use to run it, su -l user_name -c /usr/bin/wireshark; why is that? Do you have a Wireshark package from the Ubuntu repository installed as well?

Jaap ( 2018-06-12 07:52:48 +0000 )

I think I may have made a mistake in the way I did the installation. I have downloaded the source code and am running Wireshark from the apt install.

I have removed the Wireshark installed from apt, so I now have only the source code in my home folder. I can now see my plugins in the Analyze folder. However, now I have permission issues as I am unable to capture packages.

MSK ( 2018-06-12 08:01:26 +0000 )