Re: Siemens S7Comm-Plus protocol support

[Guy Harris <gharris () sonic net>]

On Aug 18, 2021, at 11:16 PM, Brett D. Rasmussen via Wireshark-dev <wireshark-dev () wireshark org> wrote:

> I have a question regarding support for the Siemens "s7comm-plus" protocol.

> I'm currently running Wireshark 3.4.7 on a Mac system.  (3.4.7 is the latest version on the Mac)

It's the latest version everywhere, although some Linux distributions/*BSD ports or packages/etc. might not yet have 
the latest version (unlike Windows and macOS, where we produce our own builds of the latest release).

> My copy of Wireshark does not yet include the "s7comm-plus" dissector/plugin.

It's not yet part of Wireshark, so you won't get it with a standard release.
 
> Another developer, out on SourceForge.com, has indicated that Wireshark plugin support for the "s7comm-plus" is 
> available out on SourceForge here:
>   https://sourceforge.net/projects/s7commwireshark/
>
> Will support for the "s7comm-plus" protocol be added to the pre-compiled Wireshark download at some point in the 
> future?

Whether a given protocol will be added in a future release is determined by whether somebody takes the time to add it 
or not; we don't have roadmaps that add particular protocols to particular releases.

One of us could take the current version of the plugin and incorporate it into Wireshark, but that wouldn't guarantee 
that later updates from its developer would get into Wireshark.  The most recent commit was a month ago, so it's still 
being actively developed, which means that grabbing a snapshot and incorporating it into Wireshark might not be the 
right way to do this.

Thomas, is there any reason not to incorporate this into the regular Wireshark release?  I'd mean you wouldn't have to 
build Windows binaries and offer them for releases that include it, and would make it easier for non-Windows users to 
analyze those packets, as they wouldn't have to compile it as a plugin and install it themselves.  It appears to be 
licensed under the GPLv2, so there are no licensing issues that I can think of.

> Or, is there a method for adding s7comm-plus support to my current Wireshark installation?

You could:

        go to the code tab at https://sourceforge.net/p/s7commwireshark/code/HEAD/tree/;

        clone the repository;

        download the Wireshark 3.4.7 source, so the Wireshark header files are available, if you haven't done so 
already;

        run the tools/macos-setup.sh script in the Wireshark source tree, so the header files for the support libraries 
are available, if you haven't done so already;

        make sure you have Xcode installed;

        build it;

        install it in the appropriate directory;

but we don't have a tutorial on doing that, so you'd have to figure it out yourself or keep asking questions.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe