Wireshark-dev: Re: [Wireshark-dev] Need help on Reassembly and building ethereal on windows.
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Tue, 14 Nov 2006 21:15:59 +0100 (CET)
Hi,

Two remarks:
1. Why use such ancient source code?
2. Detailed development instructions can be found in the Developer Guide
   found on the website www.wireshark.org

Thanx,
Jaap

On Tue, 14 Nov 2006, Annie Misha wrote:

> Hi all,
>    We have added E-GCDR parsing support for the GTP' protocol into Ethereal. The code addition has been made in the file packet-gtp.c. We are facing two issues here.
>
>   1. Packet reassembly:
>    Our code works fine when we have a single GTP' PDU which starts at the beginning of the TCP segment and ends in the same segment.
>
>      When we have a PDU that is segmented and spans multiple TCP segments, the PDU is not assembled and parsed completely. The code parses only the first segment and gives a Malformed packet error. A GTP' PDU can begin anywhere in a TCP segment. There can be more than one GTP' PDU (Data record request) or only a portion of one in a single segment. But here, when a GTP PDU starts in the middle of the TCP segment, Ethereal does not recognize this. It would be a great help if you could throw some light on this and offer your valuable suggestions to resolve the issue.
>
>
>   (We have tried using the tcp_dissect_pdus function, but this solves only one half of the issue. That is, on using this, if a GTP' request starts at the beginning of the TCP segment and spans one and a half segments, the code parses the complete request by combining the first segment and half of the second segment. However, it fails to identify the next GTP' request, which is present in the next half of the second segment.)
>
>   (Please note we have identified this issue by building an exe in Linux)
>
>   2. Building Ethereal on Windows:
>       We are trying to build the Ethereal exe for Windows using Cygwin (including our code changes). When we execute the ./configure command for this, we get the following error:
>
> checking for GTK+ - version >= 2.0.0... no
> *** Could not run GTK+ test program, checking why...
> *** The test program failed to compile or link. See the file config.log for the
> *** exact error that occured. This usually means GTK+ is incorrectly installed.
> checking for pkg-config... (cached) /usr/bin/pkg-config
> checking for GLIB - version >= 2.0.0... yes (version 2.10.3)
> checking whether GLib supports loadable modules... yes
> checking for inttypes.h... (cached) yes
> checking whether inttypes.h defines the PRI[doxu]64 macros... yes
> checking for gethostbyname... yes
> checking for connect... yes
> checking whether to use libpcap for packet capture... yes
> checking for extraneous pcap header directories... not found
> checking pcap.h usability... no
> checking pcap.h presence... no
> checking for pcap.h... no
> configure: error: Header file pcap.h not found; if you installed libpcap
> from source, did you also do "make install-incl", and if you installed a
> binary package of libpcap, is there also a developer's package of libpcap,
> and did you also install that package?
>
>   Can someone please tell us what needs to be done here? It would be of great help if you could give us the exact procedure for building the exe for Windows. Do we have to set the PATH to any specific directory? Do we have to install any additional packages? If so, what are the additional packages to be installed? Your help in overcoming these bottlenecks will be very much appreciated. Thanks in advance.
>
>   Version used: ethereal-0.10.8-SVN-13012
>
>   Thanks,
>   Annie.D
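
The framing problem described in the quoted message (a GTP' PDU ending mid-segment with the next PDU starting right behind it), as an added stand-alone C example that is not Ethereal/Wireshark code and not from either poster: it buffers the TCP byte stream and cuts PDUs by the header's length field. Assumed here: a 6-byte header with a 2-byte big-endian payload length at offset 2 and a sequence number at offset 4; `stream_t`, `feed_segment`, `BUF_MAX` and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HDR_LEN 6     /* assumed header: flags, type, length(2), seq(2) */
#define BUF_MAX 4096  /* cap on buffered stream bytes (constructed limit) */

typedef struct {
    uint8_t  buf[BUF_MAX]; /* stream bytes received but not yet consumed */
    size_t   used;
    unsigned last_seq;     /* sequence number of the last complete PDU */
} stream_t;

/* Constructed sample: PDU A (seq 1, 10 payload bytes) directly followed
 * by PDU B (seq 2, 4 payload bytes); 26 bytes of TCP stream in total. */
static const uint8_t sample_stream[26] = {
    0x0f, 0xf0, 0x00, 0x0a, 0x00, 0x01,
    0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
    0x0f, 0xf0, 0x00, 0x04, 0x00, 0x02, 0xbb, 0xbb, 0xbb, 0xbb
};

/* Append one TCP segment payload, then consume every complete PDU now
 * buffered. Returns PDUs completed by this segment, or -1 (drop stream). */
int feed_segment(stream_t *s, const uint8_t *seg, size_t len)
{
    size_t off = 0;
    int found = 0;
    if (len > BUF_MAX - s->used) return -1;     /* would overflow buf */
    memcpy(s->buf + s->used, seg, len);
    s->used += len;
    while (s->used - off >= HDR_LEN) {
        const uint8_t *h = s->buf + off;
        size_t pdu_len = HDR_LEN + (((size_t)h[2] << 8) | h[3]);
        if (pdu_len > BUF_MAX) return -1;       /* untrusted length can never fit */
        if (s->used - off < pdu_len) break;     /* tail missing: wait for more data */
        s->last_seq = ((unsigned)h[4] << 8) | h[5];
        found++;
        off += pdu_len;                         /* next PDU may start mid-segment */
    }
    memmove(s->buf, s->buf + off, s->used - off); /* keep any partial PDU */
    s->used -= off;
    return found;
}

int main(void)
{
    static stream_t s;                               /* zero-initialised */
    int a = feed_segment(&s, sample_stream, 8);      /* first half of A */
    int b = feed_segment(&s, sample_stream + 8, 18); /* rest of A, all of B */
    printf("segment 1: %d PDU(s), segment 2: %d PDU(s)\n", a, b);
    return 0;
}
```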