[HOWTO] Module Wireshark 1.6.5-i486 for Porteus 1.1 (32 bit)

Post#1 by liguero » 26 Mar 2012, 13:32


Module Wireshark 1.6.5-i486 for Porteus 1.1
(32 bit)

For building the wireshark module I have used the following files:

bison-2.4

http://search.slackware.eu/cgi-bin/pack ... i486-2.txz

flex-2.5
http://search.slackware.eu/cgi-bin/pack ... -1.txz/USA

wireshark-1.6.5


Info:
http://slackbuilds.org/repository/13.37 ... wireshark/

Source Downloads:
http://www.wireshark.org/download/src/a ... .5.tar.bz2

Download Slackbuild:
http://slackbuilds.org/slackbuilds/13.3 ... ark.tar.gz

HOWTO create modules:


1. Convert txz to xzm:
txz2xzm bison-2.4.3-i486-2.txz
txz2xzm flex-2.5.35-i486-1.txz
Activate these two modules (activate namemodule.xzm).

2. Uncompress wireshark.tar.gz to wireshark

tar -zxvf wireshark.tar.gz

guest@porteus:~/Downloads$ ls -l wireshark

-rw-r--r-- 1 guest guest 306 avril 6 2011 doinst.sh
-rw-r--r-- 1 guest guest 1077 mai 17 2011 README
-rw-r--r-- 1 guest guest 1004 mai 17 2011 slack-desc
-rw-r--r-- 1 guest guest 320 févr. 5 04:52 wireshark.info
-rwxr-xr-x 1 guest guest 3858 janv. 30 15:17 wireshark.SlackBuild*


3. Copy wireshark-1.6.5.tar.bz2 to the wireshark folder

guest@porteus:~/Downloads$ ls -l wireshark

-rw-r--r-- 1 guest guest 306 avril 6 2011 doinst.sh
-rw-r--r-- 1 guest guest 1077 mai 17 2011 README
-rw-r--r-- 1 guest guest 1004 mai 17 2011 slack-desc
-rw-r--r-- 1 guest guest 21505901 mars 22 19:11 wireshark-1.6.5.tar.bz2
-rw-r--r-- 1 guest guest 320 févr. 5 04:52 wireshark.info
-rwxr-xr-x 1 guest guest 3858 janv. 30 15:17 wireshark.SlackBuild*

4. Change directory to wireshark:

guest@porteus:~/Downloads$ cd wireshark

5. Run wireshark.SlackBuild as root (su + password):

guest@porteus:~/Downloads/wireshark# ./wireshark.SlackBuild

Wait about 20 minutes ...
Slackware package /tmp/wireshark-1.6.5-i486-1_SBo.tgz created.

6. Convert tgz to xzm:

guest@porteus:~/Downloads/wireshark# txz2xzm /tmp/wireshark-1.6.5-i486-1_SBo.tgz /tmp/wireshark-1.6.5-i486-1.xzm

7. Activate module:

guest@porteus:~/Downloads/wireshark# activate /tmp/wireshark-1.6.5-i486-1.xzm

Module is now in the folder porteus/modules and activated.
The command appears in the KDE system menu.

8. Wireshark on Linux for a non-root user (set the suid bit):
Wireshark's developers strongly recommend against running as root. As of 9.10, Wireshark installs to menu with no root option, making it useless.
To grant a user permission to capture network traffic using Wireshark or tshark, the system administrator should add the user to the wireshark group.

We create a new group "wireshark" and add the user "guest" to this group. The capture program /usr/bin/dumpcap belongs to this group, its owner is root, and the suid bit is set.

guest@porteus:~/Downloads/wireshark# groupadd wireshark
guest@porteus:~/Downloads/wireshark# usermod -G wireshark -a guest
guest@porteus:~/Downloads/wireshark# chgrp wireshark /usr/bin/dumpcap
guest@porteus:~/Downloads/wireshark# chmod u+s,o-rx /usr/bin/dumpcap (or chmod 4750 /usr/bin/dumpcap )
guest@porteus:~/Downloads/wireshark# ls -l /usr/bin/dumpcap
-rwSr-x--- 1 root wireshark 57592 mars 23 09:57 dumpcap

Only root and users in the group "wireshark" are allowed to capture network traffic.


Log out and log in again. Adding a currently logged-in user to a group with usermod does not take effect until the user has logged out and back in.

The modules "bison" and "flex" are no longer required after compilation. You can remove them from the folder "porteus/modules" and store them elsewhere.
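
A check for the result of step 8, as an added example that is not part of the original post: it reads the mode, owner and group of dumpcap and reports anything that differs from root:wireshark with mode 4750. The function names check_suid_capture and audit_dumpcap are hypothetical; the default path and group are taken from the commands above, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the original post): audit what step 8 sets on dumpcap.

# check_suid_capture MODE OWNER GROUP WANT_GROUP
#   MODE is the octal mode as printed by `stat -c %a`, e.g. 4750.
#   Prints one finding per line and returns 0 only when nothing is wrong.
check_suid_capture() {
    mode=$1; owner=$2; group=$3; want_group=$4; rc=0
    # Left-pad to four digits so "750" is read as "0750" (no special bits).
    while [ "${#mode}" -lt 4 ]; do mode="0$mode"; done
    special=${mode%???}          # setuid/setgid/sticky digit
    perms=${mode#?}              # user, group and other digits
    g=${perms#?}; g=${g%?}       # group digit
    o=${perms#??}                # other digit
    if [ "$owner" != root ]; then
        echo "owner is $owner, expected root"; rc=1
    fi
    if [ "$group" != "$want_group" ]; then
        echo "group is $group, expected $want_group"; rc=1
    fi
    if [ $(( special & 4 )) -eq 0 ]; then
        echo "suid bit is not set"; rc=1
    fi
    if [ $(( g & 2 )) -ne 0 ]; then
        echo "group has write permission"; rc=1
    fi
    if [ "$o" != 0 ]; then
        echo "others have access (mode digit $o)"; rc=1
    fi
    return $rc
}

# audit_dumpcap [PATH] [GROUP]: run the check against a file on disk.
# Returns 2 when the file cannot be read with stat.
audit_dumpcap() {
    path=${1:-/usr/bin/dumpcap}; want_group=${2:-wireshark}
    # GNU stat: %a octal mode, %U owner name, %G group name.
    set -- $(stat -c '%a %U %G' "$path" 2>/dev/null)
    [ $# -eq 3 ] || { echo "cannot stat $path"; return 2; }
    check_suid_capture "$1" "$2" "$3" "$want_group"
}

# When called with arguments, audit that file; with none, only define the functions.
if [ $# -gt 0 ]; then audit_dumpcap "$1" "${2:-wireshark}"; fi
```

Run it as `sh script.sh /usr/bin/dumpcap wireshark` after step 8; no output and exit status 0 mean the file matches root:wireshark with mode 4750.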