From: Martin J. <mar...@gm...> - 2015-11-16 14:00:22
Hi,

It took me a little time to work out how to make this combination build properly, so I thought I'd write some quick notes...

Background
==========

Ubuntu 14.04 comes with an old version of Wireshark: 1.10.6.

Looking at some Ubertooth captures in Wireshark 1.10.6, I could only see raw hex, even after building the BTBB and BTBREDR plugins from libbtbb - as per the excellent Build Guide :-

https://github.com/greatscottgadgets/ubertooth/wiki/Build-Guide

So in the hope of getting improved Wireshark dissectors, I built the latest stable Wireshark version from source (./configure, make, make install).

Then I re-built the BTBB and BTBREDR Wireshark plugins like so ...

    cd libbtbb-2015-10-R1/wireshark/plugins/btbb
    mkdir build
    cd build
    cmake -DCMAKE_INSTALL_LIBDIR=/usr/local/wireshark/plugins/1.12.8 ..
    make
    sudo make install

....

    cd libbtbb-2015-10-R1/wireshark/plugins/btbredr
    mkdir build
    cd build
    cmake -DCMAKE_INSTALL_LIBDIR=/usr/local/wireshark/plugins/1.12.8 ..
    make
    sudo make install

Problem
=======

Wireshark crashed with a segfault at startup if btbb.so or btbredr.so were in its Plugins directory.

Presumably the LIBBTBB Wireshark plugins were built against the wrong version of the Wireshark libs or headers.

Solution:
=========

1. Use apt-get or synaptic to remove all of Ubuntu's wireshark-related packages: including the "dev" and "lib" variants. This will remove all Wireshark-related header include files and libraries (so that libbtbb can't be built against the wrong ones).

2. Install Wireshark from source (./configure && make && make install). This will install binary executables to /usr/local/bin and libraries to /usr/local/lib.

3. Install the wireshark header include files (because "make install" fails to do that). I don't know which header files are needed, so we may as well just copy them all. You could copy the whole tree but I found an rsync command that would only copy *.h plus the folder structure...

    cd wireshark_build_folder
    mkdir /usr/local/include/wireshark
    rsync -avm --include='*.h' -f 'hide,! */' . \
        /usr/local/include/wireshark/

4. Re-build the BTBB and BTBREDR Wireshark plugins as shown above (giving the correct path for the Wireshark plugins directory).

Wireshark seems to be displaying my capture file properly now :-)

As an aside, the plugins don't build against Wireshark 2.0RC3. I guess one of the data structures must have changed.

Hope this is useful to someone.

- Martin
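
One way to check the library half of the mismatch suspected in the post (an added example, not part of the original message or of libbtbb): compare which libwireshark the wireshark binary and a plugin resolve to in their `ldd` output. It assumes the plugin is dynamically linked against libwireshark; the function names and the sample `ldd` text, including sonames and addresses, are made up for illustration.

```shell
#!/bin/sh
# Added example: does a plugin resolve to the same libwireshark as wireshark?

# Read `ldd` output on stdin; print the resolved libwireshark path,
# "not found" if the loader could not resolve it, nothing if it is not listed.
libwireshark_of() {
    awk '!seen && $1 ~ /^libwireshark\.so/ && $2 == "=>" {
             seen = 1
             if ($3 == "not") print "not found"; else print $3
         }'
}

# $1 = ldd output of the wireshark binary, $2 = ldd output of a plugin .so.
# Prints one verdict line; always returns 0 so it is safe under `set -e`.
check_linkage() {
    bin_lib=$(printf '%s\n' "$1" | libwireshark_of)
    plug_lib=$(printf '%s\n' "$2" | libwireshark_of)
    if [ -z "$bin_lib" ] || [ -z "$plug_lib" ]; then
        echo "UNKNOWN: libwireshark not listed in one of the ldd outputs"
    elif [ "$plug_lib" = "not found" ]; then
        echo "BROKEN: plugin cannot resolve libwireshark"
    elif [ "$bin_lib" = "$plug_lib" ]; then
        echo "OK: both use $bin_lib"
    else
        echo "MISMATCH: wireshark uses $bin_lib, plugin uses $plug_lib"
    fi
}

# Constructed sample ldd output (not captured from a real system).
SAMPLE_BIN='    libwireshark.so.5 => /usr/local/lib/libwireshark.so.5 (0x00007f0000000000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000400000)'
SAMPLE_STALE='    libwireshark.so.3 => /usr/lib/x86_64-linux-gnu/libwireshark.so.3 (0x00007f0000800000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000400000)'

# Demo on the constructed samples: a plugin still bound to a distro library.
check_linkage "$SAMPLE_BIN" "$SAMPLE_STALE"

# Real use (paths are placeholders for your own install):
#   check_linkage "$(ldd /usr/local/bin/wireshark)" "$(ldd /path/to/btbb.so)"
```

This only catches a plugin bound to a different shared library; a plugin compiled against stale headers but linked to the right library will still report OK. Run `ldd` only on binaries you built or trust.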