HICN Plugin for Wireshark
The packethicn plugin adds support to Wireshark to parse and dissect HICN traffic.
packethicn can be compiled and installed in two ways:
- Alongside HICN, from the HICN root dir (see Build with HICN)
- As a standalone component (see Standalone build)
The standalone build is preferred if HICN is already installed on the system.
Supported platforms
packethicn has been tested on:
- Ubuntu 20.04
- macOS 12.3
Other platforms and architectures may work.
Installation
Build with HICN
Dependencies
$ sudo add-apt-repository ppa:wireshark-dev/stable
$ sudo apt install -y build-essential cmake wireshark wireshark-dev libgcrypt-dev libgnutls28-dev
Build and install
From the HICN root directory, add the -DBUILD_WSPLUGIN flag to the cmake command.
$ cd hicn
$ mkdir build; cd build
$ cmake -DBUILD_APPS=ON -DBUILD_WSPLUGIN=ON ..
$ make -j`nproc`
$ sudo make install
Standalone build
Linux (Ubuntu)
Install dependencies
$ sudo add-apt-repository ppa:wireshark-dev/stable
$ curl -s https://packagecloud.io/install/repositories/fdio/release/script.deb.sh | sudo bash
$ sudo apt install -y build-essential cmake libhicn-dev wireshark wireshark-dev libgcrypt-dev libgnutls28-dev
Compile and install the HICN Wireshark plugin
$ cd packethicn
$ mkdir build; cd build
$ cmake ..
$ make
$ sudo make install
macOS
If installing Wireshark via brew, use the ./install_macos.sh script as shown below:
$ brew tap icn-team/hicn-tap
$ brew install hicn
$ brew install wireshark
$ brew install --cask wireshark
$ cd packethicn
$ ./install_macos.sh
Otherwise (if Wireshark was compiled from source), follow the same steps as for Linux:
$ cd packethicn
$ mkdir build; cd build
$ cmake ..
$ make
$ sudo make install
Usage
Filters
Filter | Description | Example |
---|---|---|
hicn | HICN traffic only | hicn |
hicn.l3.src | Source address / Name Prefix (of data) | hicn.l3.src == b001::a8f:ae2a:bd5b:0:0 |
hicn.l3.dst | Destination address / Name Prefix (of interest) | hicn.l3.dst == b001::a8f:ae2a:bd5b:1111:0 |
hicn.l4.namesuffix | Name Suffix | hicn.l4.namesuffix == 0x21 |
hicn.l4.pathlabel | Path Label | hicn.l4.pathlabel == 0xbb |
hicn.l4.timescale | Timescale | hicn.l4.timescale == 4 |
hicn.l4.flags | Flags | hicn.l4.flags == 0x42 |
hicn.l4.flags.id | ID Flag | hicn.l4.flags.id == 1 |
hicn.l4.flags.man | MAN Flag | hicn.l4.flags.man == 0 |
hicn.l4.flags.sig | SIG Flag | hicn.l4.flags.sig == 0 |
hicn.l4.ldr | Loss Detection and Recovery | hicn.l4.ldr > 0 |
hicn.l4.csum | Checksum | hicn.l4.csum > 0 |
hicn.l4.lifetime | Lifetime | hicn.l4.lifetime == 1000 |
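A post-install check, added here as an example and not part of the packethicn project: it confirms that the installed tshark actually registers every filter in the table above, so a display filter that returns nothing is not mistaken for "no HICN traffic". The function names and the `HICN_FIELDS` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the packethicn project). Filter names come from the
# table above; the tab-separated "P"/"F" records are tshark's -G fields format.
HICN_FIELDS="hicn.l3.src hicn.l3.dst hicn.l4.namesuffix hicn.l4.pathlabel \
hicn.l4.timescale hicn.l4.flags hicn.l4.flags.id hicn.l4.flags.man \
hicn.l4.flags.sig hicn.l4.ldr hicn.l4.csum hicn.l4.lifetime"

# Read a `tshark -G fields` dump on stdin; print each documented filter that
# the dump does not register, one per line (no output means all are present).
missing_hicn_fields() {
    awk -F '\t' -v want="$HICN_FIELDS" '
        $1 == "P" && $3 == "hicn" { proto = 1 }   # protocol record
        $1 == "F" { seen[$3] = 1 }                 # field record, $3 = filter name
        END {
            if (!proto) print "hicn"
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) if (!(w[i] in seen)) print w[i]
        }'
}

# Run the check against the installed tshark.
# Returns 0 = all registered, 1 = some missing, 2 = tshark not found.
check_hicn_plugin() {
    command -v tshark >/dev/null 2>&1 || { echo "tshark not found" >&2; return 2; }
    missing=$(tshark -G fields 2>/dev/null | missing_hicn_fields)
    if [ -n "$missing" ]; then
        echo "packethicn filters not registered:" >&2
        printf '  %s\n' $missing >&2
        return 1
    fi
    echo "packethicn: all documented filters are registered"
}
```

Source the file and call `check_hicn_plugin` after `sudo make install`; it exits non-zero and lists the filters that the installed tshark does not know.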