plugin.example hello.c

edit

Hi all,

In what situations can you compile the hello.c example plugin

https://gitlab.com/wireshark/wireshar...

such that it will get detected under About Wireshark > Plugins, But unable to be found under the filter search.

The relevant filtername should be "hello_ws" however it doesn't seem to found be anywhere.

Trying to find it on tshark doesn't work either.

❯ tshark -Y "hello_ws" -V
tshark: "hello_ws" is not a valid protocol or protocol field.
    hello_ws
    ^~~~~~~~

This is all for release 4.4.1, built via brew.

And I compiled it using

 clang -shared hello.c -o hello.so $(pkg-config --cflags wireshark) $(pkg-config --libs wireshark) -Wall -fPIC

I am trying to understand this because I'm currently working on building some custom plugins for various platforms but I can't seem to get this example working.

I have tried to use a linux docker image to replicate the same compilation steps.

This is the Dockerfile

FROM debian:bookworm

# sid repository for unstable packages because I'm testing for 4.4.1
RUN echo "deb http://deb.debian.org/debian/ sid main" > /etc/apt/sources.list.d/sid.list

RUN apt-get update && \
    apt-get install -y \
    git \
    cmake \
    build-essential \
    clang \
    wireshark=4.4.1-1 \
    wireshark-dev=4.4.1-1 \
    tshark=4.4.1-1 \
    libwireshark-dev=4.4.1-1 \
    libglib2.0-dev \
    libglib2.0-dev-bin \
    && rm -rf /var/lib/apt/lists/*

ENTRYPOINT ["/bin/bash"]

Once insider the container, I run

 clang -shared hello.c -o hello.so $(pkg-config --cflags wireshark) $(pkg-config --libs wireshark) -Wall -fPIC

Copy the hello.so into the right dir (found with tshark -G folders)

cp hello.so /usr/lib/aarch64-linux-gnu/wireshark/plugins/4.4/epan/

And I am able to run the plugin perfectly.

root@c0b132d27190:/plugin# tshark -Y "hello_ws"
Running as user "root" and group "root". This could be dangerous.
Capturing on 'eth0'

What am I missing in compilation on macOS?