Include support for libSMI in Wireshark
Package Information
- Package name: wireshark
- Package version: 4.2.3-r0
- Alpine version: edge
- Alpine architecture: x86_64
Summary
I often deal with SNMP packet captures. On other distributions, I can configure Wireshark to automatically decode variable bindings using custom MIBs.
This is not currently possible in Alpine Linux because Wireshark is built without support for libSMI (as shown in https://build.alpinelinux.org/buildlogs/build-edge-x86_64/community/wireshark/wireshark-4.2.3-r0.log; look for "SMI_LIBRARY").
I believe this is due to the fact that libSMI itself wasn't available in the repositories until recently.
Since libSMI is now available in edge, would you consider adding it as a build dependency for Wireshark?
Steps to reproduce
- Get a PCAP capture with SNMP packets in them.
- Install the MIBs used in those packets.
- Open the capture in Wireshark/tshark: only basic decoding is done on the SNMP fields.
In particular, when converting the capture to a PDML file using tshark (tshark -T pdml -r /tmp/snmp.pcap > /tmp/snmp.pdml
), variable bindings which use the "DisplayString" TEXTUAL-CONVENTION are represented as OCTETS objects instead of being decoded properly (i.e. no snmp.var-bind_str
subtag is created for them).