Diffstat (limited to 'docs/source/packethicn.md')
-rw-r--r-- | docs/source/packethicn.md | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/docs/source/packethicn.md b/docs/source/packethicn.md new file mode 100644 index 000000000..acf2d7cc9 --- /dev/null +++ b/docs/source/packethicn.md 
@@ -0,0 +1,109 @@ +HICN Plugin for Wireshark +=================== + +The `packethicn` plugin adds support to Wireshark to parse and dissect HICN +traffic. + +`packethicn` can be compiled and installed in two ways: + +1. Alongside HICN, from the HICN root dir (see [Build with + HICN](#Build-with-HICN)) + +2. As a standalone component (see [Standalone build](#Standalone-build)) + +The second one is preferred if HICN is already installed in the system. + +# Supported platforms +`packethicn` has been tested in + +- Ubuntu 20.04 +- macOS 12.3 + +Other platforms and architectures may work. + +# Installation +## Build with HICN + +### Dependencies + +```bash +$ sudo add-apt-repository ppa:wireshark-dev/stable + +$ sudo apt install -y build-essential cmake wireshark wireshark-dev libgcrypt-dev libgnutls28-dev + +``` + +### Build and install + +From the root HICN dir add the `-DBUILD_WSPLUGIN` flag to cmake. + +```bash +$ cd hicn +$ mkdir build; cd build +$ cmake -DBUILD_APPS=ON -DBUILD_WSPLUGIN=ON .. +$ make -j`nproc` +$ sudo make install +``` + +## Standalone build +### Linux (Ubuntu) + +#### Install dependencies +```bash +$ sudo add-apt-repository ppa:wireshark-dev/stable +$ curl -s https://packagecloud.io/install/repositories/fdio/release/script.deb.sh | sudo bash +$ sudo apt install -y build-essential cmake libhicn-dev wireshark wireshark-dev libgcrypt-dev libgnutls28-dev + +``` +#### Compile and install HICN wireshark plugin +```bash +$ cd packethicn +$ mkdir build; cd build +$ cmake .. +$ make +$ sudo make install +``` + + +### macOS +If installing wireshark via brew use the `./install_macos.sh` script as shown below: + +```bash +$ brew tap icn-team/hicn-tap +$ brew install hicn +$ brew install wireshark +$ brew install cask wireshark +$ cd packethicn +$ ./install_macos.sh +``` + +Otherwise (if wireshark was compiled from sources) you can follow the setup for Linux: + +```bash +$ cd packethicn +$ mkdir build; cd build +$ cmake .. 
+$ make +$ sudo make install +``` + +# Usage + +## Filters + + +| Filter | Description | Example | +| --- | --- | --- | +| `hicn` | HICN traffic only | *hicn* | +| `hicn.l3.src` | Source address / Name Prefix (of data) | *hicn.l3.src == b001::a8f:ae2a:bd5b:0:0* | +| `hicn.l3.dst` | Destination address / Name Prefix (of interest) | *hicn.l3.dst == b001::a8f:ae2a:bd5b:1111:0* | +| `hicn.l4.namesuffix ` | Name Suffix | *hicn.l4.namesuffix == 0x21* | +| `hicn.l4.pathlabel ` | Path Label | *hicn.l4.pathlabel == 0xbb* | +| `hicn.l4.timescale ` | Timescale | *hicn.l4.timescale == 4* | +| `hicn.l4.flags ` | Flags | *hicn.l4.flags == 0x42* | +| `hicn.l4.flags.id ` | ID Flag | *hicn.l4.flags.<span></span>id == 1* | +| `hicn.l4.flags.man ` | MAN Flag | *hicn.l4.flags.man == 0* | +| `hicn.l4.flags.sig ` | SIG Flag | *hicn.l4.flags.sig == 0* | +| `hicn.l4.ldr ` | Loss Detection and Recovery | *hicn.l4.ldr > 0* | +| `hicn.l4.csum ` | Checksum | *hicn.l4.csum > 0* | +| `hicn.l4.lifetime ` | Lifetime | *hicn.l4.lifetime == 1000* | |
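Review bot: In the standalone Linux "Install dependencies" block, `curl -s https://packagecloud.io/install/repositories/fdio/release/script.deb.sh | sudo bash` runs a remotely fetched script as root with no chance to inspect it and no integrity check. Because `-s` is used without `-f`, an HTTP error body would also be piped straight into the root shell. Suggest documenting a download-then-review sequence (save the script to a file, read it, then run it), or the manual repository and signing-key setup. In the macOS block, `brew install cask wireshark` requests a formula named `cask` plus `wireshark` a second time; the intended command is probably `brew install --cask wireshark`. In the filter table, the names from `hicn.l4.namesuffix ` onward carry a trailing space inside the backticks, and the `hicn.l4.flags.id` example contains a stray `<span></span>`; both break copy and paste into the Wireshark filter bar. The "Build and install" text says to add `-DBUILD_WSPLUGIN` while the command passes `-DBUILD_WSPLUGIN=ON`; the prose should match the command.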