Skip to content

Tag: Wireshark

Troubleshooting Ofdissector: a Wireshark plugin to analyze OpenFlow 1.3

Published by castroflaviojr on April 1, 2014

In this last post, I explained how to install the last version of the OFDissector.

I still had one other problem after installing it.

Whenever I run wireshark as a root user I had this following error:

Lua: Error during loading: [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled

What happens is that whenever something tries to run LUA code with root permissions, that script is blocked.

What you gotta do to fix that: you have to not run wireshark with root permissions. To do that you might want to still be able to capture traffic from all interfaces, then you should do what is described here:

sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap

After that you should be able to run Wireshark without any problems.

Thanks

Leave a Comment

Ofdissector: A way to analyze OpenFlow packets in Wireshark at Ubuntu 12.04

Published by castroflaviojr on March 19, 2014

As you start messing around in the Software-Defined Networking area you might want to analyze OpenFlow packets in Wireshark. This post is a installation tutorial of ofdissector, a plugin to analyze OpenFlow 1.3 packets in Wireshark.

The guys from CPqD have developed a plugin called ofdissector that is capable of doing that. In this post I am going to report the troubleshooting I had to do to make it work. The main problem was to make Wireshark to be able of analyzing OF 1.3. The original installation guide is linked here.

What worked?

I started by following this tutorial and finally came up with this successful installation script :

cd  $HOME/
git clone git://github.com/mininet/mininet
mininet/util/install.sh -n3f
sudo -s
apt-get install scons
git clone https://github.com/CPqD/ofdissector    
cd ofdissector/src
export WIRESHARK=/usr/include/wireshark
scons install

Troubleshooting:

The first problem I had was not being able to install ofdissector correctly. Adding the sudo -s command made things better I don’t know why exactly. But before I was having the following error:

scons: Reading SConscript files ...
### ERROR: You need to set the WIRESHARK environment variable to the
location of your wireshark include directory.
### ERROR: (such that epan/packet.h is a valid include path)

The seconde problem I had was conflicting installations of different versions of ofdissector. I installed both versions. You can avoid the problem by not installing the oldversion of ofdissector, using the following line of code instead of the wrong one:

##This is Right!!!
mininet/util/install.sh -n3f
##This is WRONG!!
mininet/util/install.sh -n3fxw
## the w option will install the wireshark plugin for OF1.0

Anyway, if you install both and fall into this problem:

 Err Duplicate protocol name "OpenFlow Protocol"! This might be caused by an inappropriate plugin or a development error.

The only thing you have to do is to remove the old openflow plugin and reinstall the new ofdissector by doing this:

sudo -s
rm -f /usr/lib/wireshark/libwireshark1/plugins/openflow.so
cd $HOME/ofdissector/src
export WIRESHARK=/usr/include/wireshark
scons install

That’s it. Feel free to report issues with the installation script.

2 Comments