I'm new to Wireshark development and I'm having trouble loading my custom Wireshark plugin in a production environment. I've developed and compiled a custom plugin for Linux (CentOS) following the steps in the Wireshark README files. The Wireshark development binary (version 1.10.14) will load the plugin; however, if I copy the plugin to a production machine running Wireshark 1.10.14, it fails to load. I receive a message that tvb_length is not defined.

I've tried setting/creating a "LD_LIBRARY_PATH" environment variable, running the "ldconfig" command, installing the wireshark-devel package, etc., with the same results.

How do I compile the plugin so I can drop it in a machine running Wireshark 1.10.14 and get it to successfully load and find the necessary symbols? Do I need to configure the build using the command "./configure --enable-static"?

asked 21 Jul '16, 13:10 emucker
One Answer:
Are you really, really sure your deployment system is running a 1.10 release? In 1.10 The symptoms you're describing make it sound like you're compiling against 1.10.x (so your plugin is expecting a symbol with that name) but running against 1.12.y (where the symbol has been renamed). One thing to check is what tvb*length functions your production libwireshark provides. Try:
If you don't see

answered 22 Jul '16, 12:41 JeffMorriss ♦
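One way to run the kind of check this answer describes, as an added example that is not part of the original thread and not the command the answerer posted: compare the symbols the plugin imports with the symbols a given libwireshark exports, using saved `nm -D` listings. The function names, file names and sample listings are constructed for illustration; only `tvb_length` and `tvb_captured_length` come from the thread.

```shell
#!/bin/sh
# Compare the symbols a plugin imports with those a libwireshark build exports.
# Works on saved `nm -D` text, so the two listings can come from different machines.

# Names of undefined (imported) symbols: nm prints them as "U <name>".
undefined_syms() {
    awk '$1 == "U" { sub(/@.*/, "", $2); print $2 }' "$1" | LC_ALL=C sort -u
}

# Names of defined (exported) symbols: "<address> <type> <name>".
defined_syms() {
    awk 'NF == 3 && $2 != "U" { sub(/@.*/, "", $3); print $3 }' "$1" | LC_ALL=C sort -u
}

# missing_symbols PLUGIN_NM LIB_NM [PREFIX]
# Prints imports starting with PREFIX (default tvb_) that the library lacks.
missing_symbols() {
    want=$(mktemp) && have=$(mktemp) || return 2
    undefined_syms "$1" | awk -v p="${3:-tvb_}" 'index($0, p) == 1' > "$want"
    defined_syms "$2" > "$have"
    LC_ALL=C comm -23 "$want" "$have"
    rm -f "$want" "$have"
}

# Constructed sample listings (addresses are made up).
write_samples() {
    cat > "$1/plugin.nm" <<'EOF'
                 U proto_register_protocol
                 U tvb_get_ntohs
                 U tvb_length
0000000000001a40 T plugin_register
EOF
    cat > "$1/libwireshark.nm" <<'EOF'
00000000004c1000 T proto_register_protocol
00000000005d2000 T tvb_captured_length
00000000005d2100 T tvb_get_ntohs
00000000005d2200 T tvb_reported_length
EOF
}

# Real listings: nm -D plugin.so > plugin.nm
#                nm -D --defined-only libwireshark.so > libwireshark.nm
if [ "$#" -eq 2 ]; then
    missing_symbols "$1" "$2"
else
    d=$(mktemp -d) && write_samples "$d" && missing_symbols "$d/plugin.nm" "$d/libwireshark.nm"
    rm -rf "$d"
fi
```

An empty result means every `tvb_` import of the plugin is exported by that library; any name printed is one the dynamic loader will fail to resolve when the plugin is loaded against it.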
Thank you. This was the problem. Although the Wireshark version installed on CentOS 7 reports version 1.10.14, the actual call in the library is tvb_captured_length. Now that I know what is going on, I should be able to resolve it pretty quickly.
For supplemental information. To correct the problem I had to: