Hello everyone, I'm a newbie regarding wireshark so accept my apologies in advanced if this is too obvious I'm on linux/C++ trying to perform a blunt/raw dlopen of a wireshark dissector (asterxi.so). It compiles perfectly but when it's executed this exception arises: Exception: /usr/lib/wireshark/plugins/asterix.so: undefined symbol: dissector_add_uint Well, I'd really appreciate any hints 'cause I'm really lost Regards, asked 17 Sep '14, 11:29 jlseminara edited 17 Sep '14, 12:48 Guy Harris ♦♦ |
One Answer:
Wireshark plugin dissectors use APIs from libwireshark, so if you're going to use a plugin dissector, you're going to have to link your program with libwireshark - they're not usable (and are not intended to be usable) from a random program. answered 17 Sep '14, 12:47 Guy Harris ♦♦ Thank you Guy, I'm already linking against libwireshark, but now I believe the problem is that the dissector (asterix.so) is linked against wireshark-1.8.2-1 and my libwireshark is version 1.10 I believe that could be a problem :O (17 Sep '14, 12:58) jlseminara 1 Yes, the APIs change from major release to major release, so a plugin built against Wireshark 1.M.x won't necessarily work with Wireshark 1.N.x or a program linked with its libraries. In particular, (17 Sep '14, 13:07) Guy Harris ♦♦ |
What version of Wireshark is this?
And by "blunt/raw dlopen", do you mean that you're trying to dlopen the .so in your own program?
It's wireshark 1.8.2-1, and yes I'm doing a dlopen in my program