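Installing Wireshark
Installing directly with apt-get install gives a fairly old version, such as 1.10.7. That version is not compatible with the OpenFlow plugin: even if the plugin is installed, it cannot be loaded.
First, install the two dependencies: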
sudo apt-get build-dep wireshark
sudo apt-get install qt4-default
Download a newer Wireshark release package and extract it:
tar -xjvf wireshark-1.12.7.tar.bz2
Then build and install:
cd wireshark-1.12.7/
./configure
make
sudo make install
sudo ldconfig
Once the installation completes, run Wireshark:
wireshark &
When Wireshark starts, the following error message appears:
Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
The fix is:
sudo gedit /usr/share/wireshark/init.lua
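The second-to-last line was originally dofile(DATA_DIR.."console.lua"); change it to --dofile(DATA_DIR.."console.lua"), which comments it out.
Adding the OpenFlow plugin
Wireshark needs to support OpenFlow, so install OpenFlow first.
1. Download and install OpenFlow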
sudo apt-get install git-core automake m4 pkg-config libtool
git clone git://gitosis.stanford.edu/openflow.git
cd openflow
./boot.sh
2. Install the compiler and build, from the openflow directory
sudo apt-get install gcc
./configure
make
sudo make install
3. Start installing Wireshark: from the openflow directory, get Wireshark
sudo apt-get install wireshark libgtk2.0-dev
4. Build and install:
cd utilities/wireshark_dissectors/openflow
Edit line 769 of utilities/wireshark_dissectors/openflow/packet-openflow.c:
gedit packet-openflow.c
Change dissector_add(...) to dissector_add_uint(...), then save and build:
make
sudo make install
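Put the compiled library packet-openflow.so into the Wireshark plugin directory. Since the Wireshark directory could not be found, find / -name "wireshark*" was used, which located the plugin directory at /usr/lib/i386-linux-gnu/wireshark/libwireshark3/plugins. The command is therefore:
sudo scp packet-openflow.so /usr/lib/i386-linux-gnu/wireshark/libwireshark3/plugins/
Afterwards, check that the copy succeeded. Finally, start Wireshark:
wireshark &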
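One way to do the "check that the copy succeeded" step, as an added example that is not part of the original post: it confirms the installed plugin matches the build output and that neither the file nor the plugin directory is writable by group or others, since Wireshark loads the shared objects it finds there into its own process. The names verify_plugin_install and loose_perms and the return codes are choices made for this example, and stat -c assumes GNU coreutils as shipped on Ubuntu.

```shell
#!/bin/sh
# Added example: verify a plugin copied into the Wireshark plugin directory.
# Return codes (chosen for this example):
#   0 ok, 1 missing, 2 differs from build output, 3 loose permissions

# True if group or others may write to $1. A path that cannot be
# inspected is treated as loose so the caller fails closed.
loose_perms() {
    mode=$(stat -c %a "$1") || return 0
    [ $(( 0$mode & 022 )) -ne 0 ]
}

verify_plugin_install() {
    built=$1        # plugin produced by make, e.g. ./packet-openflow.so
    plugin_dir=$2   # directory Wireshark loads plugins from
    installed=$plugin_dir/$(basename "$built")

    # The copy must be a regular file, not a symlink pointing elsewhere.
    if [ ! -f "$installed" ] || [ -L "$installed" ]; then
        echo "missing: $installed" >&2
        return 1
    fi
    # The installed bytes must be identical to what was just built.
    if ! cmp -s "$built" "$installed"; then
        echo "differs from build output: $installed" >&2
        return 2
    fi
    # Anyone who can write here can get code loaded by Wireshark.
    for p in "$plugin_dir" "$installed"; do
        if loose_perms "$p"; then
            echo "group/world-writable: $p" >&2
            return 3
        fi
    done
    echo "ok: $installed"
}

# Usage with the paths from the steps above:
#   verify_plugin_install ./packet-openflow.so \
#       /usr/lib/i386-linux-gnu/wireshark/libwireshark3/plugins
```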