This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

What are the best ways to debug a Wireshark Dissector?

0

I'm testing someone else's dissector, which does not seem to be working as expected in the decryption part that is related to Wireshark (more specifically, the file called packet-ssl-utils.c). I want to find out what is going wrong, so I decided to debug the relevant code.

I built Wireshark under Linux on the command line and I used the Mousepad text editor to add several ssl_debug_printf statements here and there, but I found them not that practical to use. I feel this way is naive and I believe there should be more professional ways to accomplish this specific task, but I'm really not sure what they are.

One solution I'm thinking of is rebuilding Wireshark in Eclipse and using the debugger there. However, this solution seems to involve some complicated steps and I wasn't able to tell if it works or not based on the quick Google search I did. So I thought that I could ask here for suggestions of methods or tools to use to debug a Wireshark dissector.

Thanks in advance!

asked 08 Jul '14, 15:41

flora

edited 08 Jul '14, 15:42


One Answer:

1

Well, I don't think there is a 'best' way, so I recommend starting with the Wiki:

http://wiki.wireshark.org/Development/Tips

Furthermore, you could use your preferred debugger and add some breakpoints with the G_BREAKPOINT() macro. See my comment in the following question:

http://ask.wireshark.org/questions/15602/how-to-debug-my-plugin-on-ubuntu-linux

Regards
Kurt

answered 08 Jul '14, 17:27

Kurt Knochner ♦

Thank you. The first link was really useful.

(15 Jul '14, 10:41) flora

You're welcome.

(15 Jul '14, 10:57) Kurt Knochner ♦