Hi, I'm using Wireshark on a Win 8 OS to check the datagrams of a KNX software, and also using a .dll plugin already developed and distributed by http://knxnetipdissect.sourceforge.net/ But I haven't get it to work fine. I've installed 64 and 32 bit version, and applying the compatibility to Win 7 and it's still not working. The site says that I should copy the plugin to the Plugin folder inside the Wireshark folder from windows. The error that shows using 64bit version is: "Couldn't load module C:\Program Files\Wireshark\plugins\1.8.4\knxnetip.dll: `C:\Program Files\Wireshark\plugins\1.8.4\knxnetip.dll': %1 is not a valid Win32 application." And the 32bit version is: "The program can't start because MSVCR71.dll is missing from your computer. Try reinstalling the program to fix this problem." and also: Couldn't load module C:\Program Files (x86)\Wireshark\plugins\1.8.4\knxnetip.dll: `C:\Program Files (x86)\Wireshark\plugins\1.8.4\knxnetip.dll': The specified module could not be found. Can anyone explain me a solution?! Thanks asked 13 Mar '13, 10:04  Canha |
One Answer:
It looks like the plugin dll is a 32 bit version, so you will have to use a 32 bit version of Wireshark. This explains the "not a valid Win32 application" error when you try to run it with 64 bit Wireshark. Next, the dll appears to have been built using VS 2003 for Wireshark 1.0.6 and requires the VC 7.1 runtime DLL. Unfortunately I don't think this is available for download now. In addition, as Wireshark 1.8.x is compiled with a much newer version of VC that uses a newer version of the VC runtime DLL, bad things might happen even if you can find a MSVCR71.dll. To get this running, your best bet will be to setup a Wireshark build environment, create a build of wireshark to ensure you can build it, then add the source of the plugin, fix up whatever has changed between Wireshark 1.0.6 and the current 1.8.x to enable the plugin to be built and then you'll be good to go. answered 13 Mar '13, 10:32  grahamb ♦ |
Also note: http://www.codeproject.com/KB/IP/custom_dissector.aspx (as mentioned in the README.windows) is somewhat out of date as to setting up a Wireshark development environment.
The Wireshark Development Guide has up-to-date information.
Just for the heck of it, I tried building the knxnetip plugin with Wireshark 1.8.
The plugin, as is, built w/o error.
(Note: This is not true for the current dev Wireshark (1.9). There have been some changes in the Wireshark API and in the plugin Windows makefiles in 1.9).
(If you choose to create the plugin for 1.8) basically:
Setup and test by doing a build the Wireshark build environment (as Graham indicated).
Create a dir ...\plugins\knxnetip Put the plugin sources in that dir.
add knxnetip to the appropriate line in plugins\Makefile.nmake
Do a make again ....
Thanks Bill Meier and grahamb...I'll try it in the next couple of days..