Re: [Wireshark-dev] Siemens S7Comm-Plus protocol support
> You could:
>
>     go to the code tab at https://sourceforge.net/p/s7commwireshark/code/HEAD/tree/;
>
>     clone the repository;
>
>     download the Wireshark 3.4.7 source, so the Wireshark header files are available, if you haven't done so already;
>
>     run the tools/macos-setup.sh script in the Wireshark source tree, so the header files for the support libraries are available, if you haven't done so already;
>
>     make sure you have Xcode installed;
>
>     build it;
>
>     install it in the appropriate directory;
>
> but we don't have a tutorial on doing that, so you'd have to figure it out yourself or keep asking questions.

Another semi-automated way, without setting up a local build system, is:

- fork the github wireshark repo (github.com/wireshark/wireshark)
- clone locally, create a new branch, manually incorporate the dissector, push the new branch
- the github workflow for macos compiles the branch including the dissector and creates a binary distribution for it.

It *should* give you a working mac bin package, although I've never tested it. However, if it works, it gives you a dmg without the hassle of a local build env.

Examples: https://github.com/wireshark/wireshark/actions/workflows/macos.yml

___
Sent via: Wireshark-dev mailing list
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Siemens S7Comm-Plus protocol support
On 19.08.2021 at 09:52, Guy Harris wrote:

> Thomas, is there any reason not to incorporate this into the regular
> Wireshark release? It'd mean you wouldn't have to build Windows
> binaries and offer them for releases that include it, and would make
> it easier for non-Windows users to analyze those packets, as they
> wouldn't have to compile it as a plugin and install it themselves.
> It appears to be licensed under the GPLv2, so there are no licensing
> issues that I can think of.

Hi Guy,

my plan was to incorporate it into Wireshark one day.

As the protocol is reverse engineered and Siemens is constantly changing minor details of the protocol, there are still many things guessed, not decoded or decoded as dummy fields. The latest change from Siemens was to implement TLS; if this will be standard in the future, then the dissector will become useless.

There is some information where I had to be "creative" to get it; without it the protocol could be dissected, but the information you see in Wireshark would be almost useless. That's why I hesitated to integrate it into the regular release, and keep the userbase small, if "someone" doesn't like what I've done.

--
Best regards
Thomas Wiens
Re: [Wireshark-dev] Siemens S7Comm-Plus protocol support
On Aug 18, 2021, at 11:16 PM, Brett D. Rasmussen via Wireshark-dev wrote:

> I have a question regarding support for the Siemens "s7comm-plus" protocol.
>
> I'm currently running Wireshark 3.4.7 on a Mac system. (3.4.7 is the latest
> version on the Mac)

It's the latest version everywhere, although some Linux distributions/*BSD ports or packages/etc. might not yet have the latest version (unlike Windows and macOS, where we produce our own builds of the latest release).

> My copy of Wireshark does not yet include the "s7comm-plus" dissector/plugin.

It's not yet part of Wireshark, so you won't get it with a standard release.

> Another developer, out on SourceForge.com, has indicated that Wireshark
> plugin support for the "s7comm-plus" is available out on SourceForge here:
> https://sourceforge.net/projects/s7commwireshark/
>
> Will support for the "s7comm-plus" protocol be added to the pre-compiled
> Wireshark download at some point in the future?

Whether a given protocol will be added in a future release is determined by whether somebody takes the time to add it or not; we don't have roadmaps that add particular protocols to particular releases.

One of us could take the current version of the plugin and incorporate it into Wireshark, but that wouldn't guarantee that later updates from its developer would get into Wireshark. The most recent commit was a month ago, so it's still being actively developed, which means that grabbing a snapshot and incorporating it into Wireshark might not be the right way to do this.

Thomas, is there any reason not to incorporate this into the regular Wireshark release? It'd mean you wouldn't have to build Windows binaries and offer them for releases that include it, and would make it easier for non-Windows users to analyze those packets, as they wouldn't have to compile it as a plugin and install it themselves. It appears to be licensed under the GPLv2, so there are no licensing issues that I can think of.

> Or, is there a method for adding s7comm-plus support to my current Wireshark
> installation?

You could:

    go to the code tab at https://sourceforge.net/p/s7commwireshark/code/HEAD/tree/;

    clone the repository;

    download the Wireshark 3.4.7 source, so the Wireshark header files are available, if you haven't done so already;

    run the tools/macos-setup.sh script in the Wireshark source tree, so the header files for the support libraries are available, if you haven't done so already;

    make sure you have Xcode installed;

    build it;

    install it in the appropriate directory;

but we don't have a tutorial on doing that, so you'd have to figure it out yourself or keep asking questions.