1.7. Reporting problems and getting help

If you have problems, or need help with Wireshark, there are several places that may be of interest to you (well, besides this guide of course).

1.7.1. Website

You will find lots of useful information on the Wireshark homepage at http://www.wireshark.org/.

1.7.2. Wiki

The Wireshark Wiki at http://wiki.wireshark.org/ provides a wide range of information related to Wireshark and packet capturing in general. You will find a lot of information that is not part of this developer’s guide. For example, there is an explanation of how to capture on a switched network, an ongoing effort to build a protocol reference and a lot more.

And best of all, if you would like to contribute your knowledge on a specific topic (maybe a network protocol you know well), you can edit the wiki pages by simply using your web browser.

1.7.3. FAQ

The "Frequently Asked Questions" list often-asked questions and the corresponding answers.

Before sending any mail to the mailing lists below, be sure to read the FAQ, as it will often answer any questions you might have. This will save yourself and others a lot of time. Keep in mind that a lot of people are subscribed to the mailing lists.

You will find the FAQ inside Wireshark by clicking the menu item Help/Contents and selecting the FAQ page in the dialog that appears.

An online version is available at the Wireshark website: http://www.wireshark.org/faq.html. You might prefer this online version as it’s typically more up to date and the HTML format is easier to use.

1.7.4. Other sources

If you don’t find the information you need inside this book, there are various other sources of information:

  • The file doc/README.developer and all the other README.xxx files in the source code. These are various documentation files on different topics
[Note]Read the README

README.developer is packed full of all kinds of details relevant to the developer of Wireshark source code. It advises you about common pitfalls, shows you the basic layout of dissector code, shows details of the APIs available to the dissector developer, etc.

  • The Wireshark source code
  • Tool documentation of the various tools used (e.g. manpages of sed, gcc, etc.)
  • The different mailing lists. See Section 1.7.5, “Mailing Lists”

1.7.5. Mailing Lists

There are several mailing lists available on specific Wireshark topics:

wireshark-announce
This mailing list will inform you about new program releases, which usually appear about every 4-8 weeks.
wireshark-users
This list is for users of Wireshark. People post questions about building and using Wireshark, others (hopefully) provide answers.
wireshark-dev
This list is for Wireshark developers. People post questions about the development of Wireshark, others (hopefully) provide answers. If you want to start developing a protocol dissector, join this list.
wireshark-bugs
This list is for Wireshark developers. Every time a change to the bug database occurs, a mail to this mailing list is generated. If you want to be notified about all the changes to the bug database, join this list. Details about the bug database can be found in Section 1.7.6, “Bug database (Bugzilla)”.
wireshark-commits
This list is for Wireshark developers. Every time a change to the SVN repository is checked in, a mail to this mailing list is generated. If you want to be notified about all the changes to the SVN repository, join this list. Details about the SVN repository can be found in Section 3.2, “The Wireshark Git repository”.

You can subscribe to each of these lists from the Wireshark web site: http://www.wireshark.org/lists/. From there, you can choose which mailing list you want to subscribe to by clicking on the Subscribe/Unsubscribe/Options button under the title of the relevant list. The links to the archives are included on that page as well.

[Tip]The archives are searchable

You can search in the list archives to see if someone previously asked the same question and maybe already got an answer. That way you don’t have to wait until someone answers your question.

1.7.6. Bug database (Bugzilla)

The Wireshark community collects bug reports in a Bugzilla database at https://bugs.wireshark.org/. This database is filled with manually filed bug reports, usually after some discussion on wireshark-dev, and automatic bug reports from the buildbot tools.

1.7.7. Q&A Site

The Wireshark Q and A site at http://ask.wireshark.org/ offers a resource where questions and answers come together. You have the option to search what questions were asked before and what answers were given by people who knew about the issue. Answers are graded, so you can pick out the best ones easily. If your issue hasn’t been discussed before, you can post a question yourself.

1.7.8. Reporting Problems

[Note]Test with the latest version

Before reporting any problems, please make sure you have installed the latest version of Wireshark. Reports on older maintenance releases are usually met with an upgrade request.

If you report problems, provide as much information as possible. In general, just think about what you would need to find that problem, if someone else sends you such a problem report. Also keep in mind that people compile/run Wireshark on a lot of different platforms.

When reporting problems with Wireshark, it is helpful if you supply the following information:

  1. The version number of Wireshark and the dependent libraries linked with it, e.g. Qt, GTK+, etc. You can obtain this with the command wireshark -v.
  2. Information about the platform you run Wireshark on.
  3. A detailed description of your problem.
  4. If you get an error/warning message, copy the text of that message (and also a few lines before and after it, if there are some), so others may find the build step where things go wrong. Please don’t give something like: "I get a warning when compiling x" as this won’t give any direction to look at.
[Note]Don’t send large files

Do not send large files (>100KB) to the mailing lists, just place a note that further data is available on request. Large files will only annoy a lot of people on the list who are not interested in your specific problem. If required, you will be asked for further data by the persons who really can help you.

[Warning]Don’t send confidential information

If you send captured data to the mailing lists, or add it to your bug report, be sure it doesn’t contain any sensitive or confidential information, such as passwords. Visibility of such files can be limited to certain groups in the Bugzilla database though.

1.7.9. Reporting Crashes on UNIX/Linux platforms

When reporting crashes with Wireshark, it is helpful if you supply the traceback information (besides the information mentioned in Section 1.7.8, “Reporting Problems”).

You can obtain this traceback information with the following commands:

$ gdb `whereis wireshark | cut -f2 -d: | cut -d' ' -f2` core >& bt.txt
backtrace
^D
$
[Note]Using GDB

Type the characters in the first line verbatim. Those are backticks there.

backtrace is a gdb command. You should enter it verbatim after the first line shown above, but it will not be echoed. The ^D (Control-D, that is, press the Control key and the D key together) will cause gdb to exit. This will leave you with a file called bt.txt in the current directory. Include the file with your bug report.

If you do not have gdb available, you will have to check out your operating system’s debugger.

You should mail the traceback to the wireshark-dev mailing list, or attach it to your bug report.
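The items listed in Section 1.7.8 and the gdb session above can be collected in one pass. The script below is an added example, not part of the Wireshark guide or source tree; the function names, the report layout and the idea of checking the report against the 100KB mailing-list limit before posting are assumptions of this example.

```shell
#!/bin/sh
# Added example: gather version, platform and backtrace into one report file.
# All function names here are hypothetical, chosen for this example.

LIST_LIMIT=102400   # the 100KB mailing-list limit from Section 1.7.8

# Exit status 0 when FILE is larger than the mailing-list limit.
too_large_for_list() {
    [ -r "$1" ] || return 2
    size=$(wc -c < "$1" | tr -d ' ')
    [ "$size" -gt "$LIST_LIMIT" ]
}

# Non-interactive form of typing "backtrace" and ^D into gdb.
# Fails without output if gdb, the binary or the core file is missing.
collect_backtrace() {
    binary=$1
    core=$2
    command -v gdb >/dev/null 2>&1 || return 1
    [ -x "$binary" ] && [ -r "$core" ] || return 1
    gdb -batch -ex backtrace "$binary" "$core" 2>&1
}

# Write version, platform and (when available) backtrace to OUT.
build_report() {
    out=$1
    core=$2
    binary=$(command -v wireshark 2>/dev/null || true)
    {
        echo "== Version =="
        if [ -n "$binary" ]; then
            "$binary" -v 2>&1 || echo "wireshark -v failed"
        else
            echo "wireshark not found in PATH"
        fi
        echo "== Platform =="
        uname -a
        echo "== Backtrace =="
        collect_backtrace "$binary" "$core" || echo "no backtrace collected"
    } > "$out"
    if too_large_for_list "$out"; then
        echo "note: $out exceeds 100KB; do not mail it to the lists" >&2
    fi
    return 0
}
```

Call it as `build_report report.txt core` in the directory holding the core file, and read the resulting report for confidential data before attaching it.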

1.7.10. Reporting Crashes on Windows platforms

You can download Windows debugging symbol files (.pdb) from the following locations:

Files are named "Wireshark-pdb-winbits-x.y.z.zip" to match their corresponding "Wireshark-winbits-x.y.z.exe" installer packages.