Updated version: https://www.zybuluo.com/wuzhimang/note/392508
- Notes
- wireshark openflow on CentOS 6
- 1 The simplest method (third-party OF dissector)
- 2 Installing the latest wireshark (CentOS 6)
- wireshark openflow on CentOS 7
- 1 The simplest method (third-party OF dissector)
- 2 Installing the latest wireshark (CentOS 7)
- Reference links
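When it came to dissecting OpenFlow protocol packets, I used to simply download the virtual machine image (ubuntu) from the Mininet website, which already includes the wireshark package and works out of the box!
Recently I needed to capture and analyze packets on a physical CentOS machine, and I ran into a few small problems while installing Wireshark and the openflow dissector, so I am summarizing and sharing them here…
0. Notes
- This article explains, per CentOS version, how to install wireshark and make it able to dissect the OpenFlow protocol
- Recent versions of wireshark support OpenFlow natively, but as of this writing they have to be compiled and installed by hand on CentOS, which places requirements on the build environment and is therefore fairly tedious; for details see the official wiki description and the wireshark source download
1. wireshark && openflow on CentOS 6
1.1 The simplest method (third-party OF dissector)
- Install wireshark with yum (yum install -y wireshark*); after a successful install the packages look like this: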
[[email protected] ofdissector]# rpm -aq | grep wireshark
wireshark-gnome--el6.x86_64
wireshark-devel--el6.x86_64
wireshark--el6.x86_64
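- Start wireshark (wireshark &) and check its version information (this can be done directly with the command wireshark -v) to see whether it supports Lua
- If Lua is not supported, download the third-party dissector package ofdissector; the original git page already has detailed build and install instructions, and it is simple (it needs a scons environment: yum install scons -y)!
- If Lua is supported, download the lua file directly from floodlight, put it into the wireshark plugin directory (Help->About Wireshark->Folders / Plugins; the author put it straight into the global directory), and then restart wireshark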
[root@gf01 Desktop]# cd /usr/lib64/wireshark/plugins/1.10.14/
[root@gf01 .]# wget https://raw.githubusercontent.com/floodlight/loxigen-artifacts/master/wireshark/openflow.lua
[root@gf01 .]# chmod a+x openflow.lua
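The Lua check and plugin install from 1.1, as an added example that is not part of the original post. The helper names has_lua and install_verified are hypothetical, and the expected SHA-256 is a value you record yourself after reviewing the downloaded file (the page does not publish one).

```bash
#!/usr/bin/env bash
# Added example, not from the original post; helper names are hypothetical.

# has_lua: reads `wireshark -v` output on stdin and succeeds if the build
# reports "with Lua". The banner is line-wrapped, so "with" and "Lua" can sit
# on different lines; collapse whitespace before matching.
has_lua() {
    local text
    text=$(tr -s '[:space:]' ' ')
    case "$text" in
        *"with Lua"*) return 0 ;;
        *)            return 1 ;;
    esac
}

# install_verified FILE EXPECTED_SHA256 DEST_DIR
# Copies a downloaded plugin into DEST_DIR only if its SHA-256 equals the
# value pinned after reviewing the file. Mode 0644: Wireshark only reads Lua
# plugins, so the execute bit is not needed.
install_verified() {
    local file="$1" expected="$2" dest="$3" actual
    [ -n "$expected" ] || { echo "no expected checksum given" >&2; return 2; }
    actual=$(sha256sum "$file") || return 2
    actual=${actual%% *}
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $file: got $actual" >&2
        return 1
    fi
    install -D -m 0644 "$file" "$dest/$(basename "$file")"
}

# Constructed sample banner, wrapped the way `wireshark -v` wraps its output.
sample_banner='with libpcap, with SMI, with c-ares, with
Lua, without Python, with GnuTLS'
if printf '%s\n' "$sample_banner" | has_lua; then
    echo "Lua support present: openflow.lua can be used"
else
    echo "no Lua support: build the third-party ofdissector instead"
fi
```

DEST_DIR is whichever plugin folder Help->About Wireshark->Folders lists; because the wget above pulls from a moving master branch as root, pinning the checksum of the reviewed file is what keeps a later upstream change from being loaded silently.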
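1.2 Installing the latest wireshark (CentOS 6)
Installing a new wireshark version with OpenFlow support on CentOS 6 is very tedious, and this step is not recommended; if you need it, it is better to upgrade the system to CentOS 7 directly!!!
1. Download, compile and install. As shown below, configure reports a Qt5Core version error, while yum provides Qt3 packages, so Qt5 has to be installed next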
[[email protected] ~]# wget https://www.wireshark.org/download/src/wireshark-2.0.3.tar.bz2
[[email protected] ~]# tar -xjf wireshark-2.0.3.tar.bz2
[[email protected] ~]# cd wireshark-2.0.3 && ./configure
......
checking for sed... (cached) /bin/sed
checking for GNU sed as first sed in PATH... yes
checking if profile builds must be generated... no
checking for Qt5Core - version >= ... no
checking for QtCore - version >= ... no
configure: error: Qt is not available
[[email protected] ~]# cat /etc/redhat-release
CentOS release (Final)
[[email protected] ~]# yum search qt
...
qt3.x86_64 : The shared library for the Qt GUI toolkit
...
qt3-devel.i686 : Development files for the Qt GUI toolkit
...
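2. Installing Qt5: the author found a detailed tutorial via Google, "How to install Qt5 and Qwt on CentOS 6". Install both by following that document and then recompile wireshark (if you succeed). The catch is that you may need to "recompile gcc, recompile gcc, recompile gcc", which is an extremely time-consuming process (on a Dell OPTIPLEX 9020 the build took the author 4 hours, painful…)
3. Compiling and installing gcc: this is already covered by the tutorial from step 2; from inside China you just need to find a mirror to download from, and the exact address can be found on the GNU FTP site
This method is very tedious; those with the interest and the time can try it, since native support should be considerably better in terms of coverage and performance
2. wireshark && openflow on CentOS 7
2.1 The simplest method (third-party OF dissector)
- Install wireshark with yum as in 1.1. After a successful install the version information is as follows: it supports Lua, and after starting wireshark you will find that this version does not support the OpenFlow protocol (Help->About Wireshark->Plugins), so simply follow the "Lua is supported" path in 1.1!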
[[email protected] ]# cat /etc/redhat-release
CentOS Linux release (Core)
[[email protected] ]# rpm -aq | grep wireshark
wireshark-devel--el7.x86_64
wireshark-gnome--el7.x86_64
wireshark--el7.x86_64
[[email protected] ]# wireshark -v
wireshark (Git Rev Unknown from unknown)
Copyright - Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (-bit) with GTK+ , with Cairo , with Pango , with
GLib , with libpcap, with libz , with POSIX capabilities (Linux),
without libnl, with SMI , with c-ares , with Lua , without Python,
with GnuTLS , with Gcrypt , with MIT Kerberos, without GeoIP, without
PortAudio, with AirPcap.
Running on Linux -el7.x86_64, with locale en_US.UTF-, with libpcap
version , with libz , GnuTLS , Gcrypt , without AirPcap.
Intel(R) Xeon(R) CPU E5- v3 @ GHz
Built using gcc (Red Hat -).
[[email protected] ]#
2.2 Installing the latest wireshark (CentOS 7)
- Install the Qt5-related packages with yum
yum search qt5
- Compile and install wireshark as described in 1.2
3. Reference links
- Qt download: http://qt-project.org/downloads and https://www.qt.io/download-open-source/#section-2
- Compiling gcc: https://gcc.gnu.org/wiki/InstallingGCC
- Installing Qt5 on CentOS 6.7: https://wiki.qt.io/How-to-Install-Qt-5-and-Qwt-on-CentOS-6
- https://wiki.wireshark.org/OpenFlow