Module Wireshark 1.6.5-i486 for Porteus 1.1 (32 bit)
For building the wireshark module I have used the following files:

bison-2.4
http://search.slackware.eu/cgi-bin/package.cgi/view/slackware-13.37/slackware/d/bison-2.4.3-i486-2.txz
flex-2.5
http://search.slackware.eu/cgi-bin/package.cgi/download/slackware-13.0/slackware/d/flex-2.5.35-i486-1.txz/USA
wireshark-1.6.5
Info: http://slackbuilds.org/repository/13.37/network/wireshark/
Source Downloads: http://www.wireshark.org/download/src/all-versions/wireshark-1.6.5.tar.bz2
Download Slackbuild: http://slackbuilds.org/slackbuilds/13.37/network/wireshark.tar.gz
HOWTO create modules:
1. Convert txz to xzm:
txz2xzm bison-2.4.3-i486-2.txz
txz2xzm flex-2.5.35-i486-1.txz
Activate these two modules (activate namemodule.xzm).
2. Uncompress wireshark.tar.gz to wireshark:
tar -zxvf wireshark.tar.gz
guest@porteus:~/Downloads$ ls -l wireshark
-rw-r--r-- 1 guest guest 306 avril 6 2011 doinst.sh
-rw-r--r-- 1 guest guest 1077 mai 17 2011 README
-rw-r--r-- 1 guest guest 1004 mai 17 2011 slack-desc
-rw-r--r-- 1 guest guest 320 févr. 5 04:52 wireshark.info
-rwxr-xr-x 1 guest guest 3858 janv. 30 15:17 wireshark.SlackBuild*
3. Copy wireshark-1.6.5.tar.bz2 to the wireshark folder:
guest@porteus:~/Downloads$ ls -l wireshark
-rw-r--r-- 1 guest guest 306 avril 6 2011 doinst.sh
-rw-r--r-- 1 guest guest 1077 mai 17 2011 README
-rw-r--r-- 1 guest guest 1004 mai 17 2011 slack-desc
-rw-r--r-- 1 guest guest 21505901 mars 22 19:11 wireshark-1.6.5.tar.bz2
-rw-r--r-- 1 guest guest 320 févr. 5 04:52 wireshark.info
-rwxr-xr-x 1 guest guest 3858 janv. 30 15:17 wireshark.SlackBuild*
4. Change directory to wireshark:
guest@porteus:~/Downloads$ cd wireshark
5. Run wireshark.SlackBuild as root (su + password):
guest@porteus:~/Downloads/wireshark# ./wireshark.SlackBuild
Wait about 20 minutes ...
Slackware package /tmp/wireshark-1.6.5-i486-1_SBo.tgz created.
6. Convert tgz to xzm:
guest@porteus:~/Downloads/wireshark# txz2xzm /tmp/wireshark-1.6.5-i486-1_SBo.tgz /tmp/wireshark-1.6.5-i486-1.xzm
7. Activate module:
guest@porteus:~/Downloads/wireshark# activate /tmp/wireshark-1.6.5-i486-1.xzm
The module is now in the folder porteus/modules and is activated.
The command appears in the KDE system menu.
8. Wireshark on Linux for a non-root user (set suid bit):
Wireshark's developers strongly recommend against running as root. As of 9.10, Wireshark installs to the menu with no root option, making it useless.
To grant a user permission to capture network traffic using Wireshark or tshark, the system administrator should add the user to the wireshark group.
We create a new group "wireshark" and add the user "guest" to this group. Wireshark's capture program /usr/bin/dumpcap is assigned to this group, its owner is root and the suid bit is set.
guest@porteus:~/Downloads/wireshark# groupadd wireshark
guest@porteus:~/Downloads/wireshark# usermod -G wireshark -a guest
guest@porteus:~/Downloads/wireshark# chgrp wireshark /usr/bin/dumpcap
guest@porteus:~/Downloads/wireshark# chmod u+s,o-rx /usr/bin/dumpcap (or chmod 4750 /usr/bin/dumpcap )
guest@porteus:~/Downloads/wireshark# ls -l /usr/bin/dumpcap
-rwSr-x--- 1 root wireshark 57592 mars 23 09:57 dumpcap
Only root and users in the group "wireshark" are allowed to capture network traffic.
Log out and log in again. Adding a currently logged-in user to a group using groupadd does not take effect until the user has logged out.
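The ownership and mode that step 8 sets on /usr/bin/dumpcap can be checked with a small script. This is an added example, not part of the original post; the function name audit_capture_helper is hypothetical and GNU stat is assumed. It reports a missing setuid bit, a setuid bit without owner execute permission (which ls displays as a capital S), and any access left to other users.

```sh
#!/bin/sh
# Added example (not from the original post): audit a setuid capture helper.
# Prints one finding per line; returns 0 only when there are no findings.
# Assumes GNU stat (stat -c). Usage on the system from this HOWTO:
#   audit_capture_helper /usr/bin/dumpcap root wireshark
audit_capture_helper() {
    file=$1
    want_owner=${2:-root}
    want_group=${3:-wireshark}
    [ -f "$file" ] || { echo "missing: $file"; return 2; }

    owner=$(stat -c '%U' "$file")
    group=$(stat -c '%G' "$file")
    # %a prints the octal mode without leading zeros; pad to four digits.
    mode=$(printf '%04d' "$(stat -c '%a' "$file")")
    special=${mode%???}     # setuid/setgid/sticky digit
    rest=${mode#?}
    u_bits=${rest%??}       # owner rwx digit
    rest=${rest#?}
    g_bits=${rest%?}        # group rwx digit
    o_bits=${rest#?}        # other rwx digit

    rc=0
    finding() { echo "$file: $1"; rc=1; }

    [ "$owner" = "$want_owner" ] || finding "owner is $owner, expected $want_owner"
    [ "$group" = "$want_group" ] || finding "group is $group, expected $want_group"
    # Without setuid, members of the group cannot capture as non-root.
    [ $((special & 4)) -ne 0 ] || finding "setuid bit is not set"
    # setuid without owner execute is what ls shows as 'S' instead of 's'.
    [ $((u_bits & 1)) -ne 0 ] || finding "owner execute bit missing"
    # Group members must be able to run the helper but never modify it.
    [ $((g_bits & 1)) -ne 0 ] || finding "group cannot execute the file"
    [ $((g_bits & 2)) -eq 0 ] || finding "file is group-writable"
    # Any bit for 'other' lets users outside the group reach the helper.
    [ "$o_bits" -eq 0 ] || finding "others have access (mode digit $o_bits)"
    return $rc
}
```

The function returns 0 only for a file that matches the intended 4750 root:wireshark layout, so it can be run after every rebuild or reactivation of the module.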
The modules "bison" and "flex" are no longer required after compilation. You can remove them from the folder "porteus/modules" and store them elsewhere.