Wireshark Capture support

Jeff Singleton gvibe06 at gmail.com
Sun Sep 19 12:31:02 PDT 2010


The last build I pulled was Version 1.5.0 (SVN Rev 34135 from /trunk)

The plugin I am having the most fun with is the SMB File Export plugin.  It
can piece together just about every file transferred over SMB that is
detected in a packet capture.  I'll leave the rest for you to play
with...but its pretty easy to see what people are transferring around the
network.  Add the airpcap plugin, and you can do this wirelessly as well.

Question about port wireshark-devel, does it utilize the built in 'make
osx-app' in anyway to automate making a bundle?

What will it take to get a variant to use this?

-- 
J

On Fri, Sep 17, 2010 at 8:08 PM, Savory Michael <msavory1 at nzbox.com> wrote:

> Hi Jeff
>
> Maybe time for a wireshark-dev port?
> Any docs on the really cool plugins available?
>
> Mike
>
> On Sep 17, 2010, at 5:53 AM, Jeff Singleton wrote:
>
> > Oh ... if you wish to try building Wireshark from SVN, the v1.5.0 tree is
> very stable and a lot of really cool plugins.  Not to mention it comes with
> a 'make osx-app' command that will build the .app bundle for you...there is
> also 'make osx-package' that makes the .pkg bundle.
> >
> > Also, doing it this way provides a ChmodBPF script to automatically set
> the permissions on the /dev/bpf* for you.
> >
> > Here is the configure string I used to build with ... I added
> --enable-airpcap because it adds the functionality for Wireless sniffing. I
> forced my prefix to /opt/wireshark for the binaries, etc. in case I needed
> to run something from the command line.
> >
> > CC=/opt/local/bin/gcc-mp-4.4 CXX=/opt/local/bin/g++-mp-4.4
> CPP=/opt/local/bin/cpp-mp-4.4 PKG_CONFIG_PATH=/opt/local/lib/pkgconfig
> ./configure --prefix=/opt/wireshark --with-python=/opt/local
> --enable-airpcap --disable-gtktest --disable-glibtest --enable-threads
> --disable-warnings-as-errors
> >
> > Enjoy!
> >
>
>
Your HTML signature here
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-users/attachments/20100919/0ef63de5/attachment.html>


More information about the macports-users mailing list