User Interface
Introduction
Wireshark can be "logically" seperated into the backend (dissecting of
protocols, file load/save, capturing, ...) and the frontend (the user
interface). However, there's currently no clear seperation between
these two parts (no clear API definition), but this might change in the
future.
The following frontends are currently maintained by the Wireshark
development team:
Wireshark, GTK 1.x based
Wireshark, GTK 2.x based
TShark, console based
There are other Wireshark frontends existing, not developped nor
maintained by the Wireshark development team:
Packetyzer (Win32 native interface, written in Delphi and released
under the GPL, see:
)
hethereal (web based frontend, not actively maintained and not
finished)
This chapter is focussed on the Wireshark frontend, and especially on
the GTK specific things.
The GTK library
Wireshark is based on the GTK toolkit, see:
for
details. GTK is designed to hide the details of the underlying GUI in
a platform independant way. As this is appreciated for a
multiplatform tool, this has some drawbacks, as it will result in a
somewhat "non native" look and feel. For example: on Win32, the "File
open" dialog of Wireshark looks very different compared to the native
Win32 dialog the Win32 users are used to see.
GTK is available for a lot of different platforms including, but not
limited, to: Unix/Linux, Mac OS X and Win32. It's the foundation of
the famous GNOME desktop, so the future development of GTK should be
certain.
GTK is implemented in plain C (as Wireshark itself), and available under
the LGPL (Lesser General Public License), being free to used by
commercial and noncommercial applications.
There are other similar toolkits like Qt, wxwidgets, ..., which could
also
be used for Wireshark. There's no "one and only" reason for or against
any of these toolkits. However, the decision towards GTK was made a
long time ago :-)
At the time this document is written there are two major GTK versions
available:
GTK Version 1.x
GTK 1.x was the first major release. Today there are 1.2.x and 1.3.x
versions "in the wild", with only very limitted differences in the API.
Advantages (compared to GTK 2.x):
available on a lot of different platforms
very stable as it's matured for quite a while now
Disadvantages:
the look and feel is a bit oldfashioned
not recommended for future developments
GTK 1.x depends on the following libraries:
GDK (GDK is the abstraction layer
that allows GTK+ to support multiple
windowing systems. GDK provides drawing and window system facilities
on X11, Windows, and the Linux framebuffer device.)
GLib (A general-purpose utility
library, not specific to graphical user interfaces.
GLib provides many useful data types, macros, type conversions,
string utilities, file utilities, a main loop abstraction, and so on.)
GTK 1.x is working on GLib 1.x (typical for Unix like systems) or 2.x
(typical for Win32 like systems).
XXX: include Wireshark GTK1 screenshot
GTK Version 2.x
Advantages (compared to GTK 1.x):
nice look and feel (compared to version 1.x)
recommended for future developments
Disadvantages:
not available on all platforms (compared to version 1.x)
maybe a bit less stable compared to version 1.x (but should be
production stable too)
more dependencies compared to 1.x, see below
GTK 2.x depends on the following libraries:
GObject (Object library. Basis for GTK and others)
GLib (A general-purpose utility
library, not specific to graphical user interfaces.
GLib provides many useful data types, macros, type conversions,
string utilities, file utilities, a main loop abstraction, and so on.)
Pango (Pango is a library for internationalized text handling. It centers
around the #PangoLayout object, representing a paragraph of text.
Pango provides the engine for #GtkTextView, #GtkLabel, #GtkEntry, and
other widgets that display text.)
ATK (ATK is the Accessibility Toolkit. It provides a set of generic
interfaces allowing accessibility technologies to interact with a
graphical user interface. For example, a screen reader uses ATK to
discover the text in an interface and read it to blind users. GTK+
widgets have built-in support for accessibility using the ATK
framework.)
GdkPixbuf (This is a small library which allows you to create #GdkPixbuf
("pixel buffer") objects from image data or image files. Use a
#GdkPixbuf in combination with #GtkImage to display images.)
GDK (GDK is the abstraction layer that allows GTK+ to support multiple
windowing systems. GDK provides drawing and window system facilities
on X11, Windows, and the Linux framebuffer device.)
XXX: include Wireshark GTK2 screenshot
Compatibility between 1.x and 2.x
The GTK library itself defines some values which makes it easy to
distinguish between the versions, e.g.:
GTK_MAJOR_VERSION GTK_MINOR_VERSION
will be set to the GTK version at compile time somewhere inside the
gtk.h headers.
There are some common compatibility issues in Wireshark between the two
versions.
Most of them (the more simple ones) are collected in
gtk/compat_macros.h and can be used in an version independant manner.
However, there are major differences between the two versions, making
it necessary to distinct between them, like:
= 2
...
#else
...
#endif]]>
GTK resources on the web
You can find several resources about GTK.
First of all, have a look at: as this
will be the first place to look at. If you want to develop GTK related
things for Wireshark, the most important place might
be the GTK API documentation at: .
Several mailing lists are available about GTK development, see , the gtk-app-devel-list
may be you friend.
Theres no Win32 specific GTK mailing list. If you want to post
a Win32 specific problem (e.g. a problem in the GtkFileChooser dialog)
and you are sure that it's really Win32 specific, you
could send it to GIMPwin-users at .
As it's often done wrong: You should post a mail to *help* the developers
there instead of only complaining. Posting such a thing like "I don't like
your dialog, it looks ugly" won't be much helpful. You might think about
what you dislike and describe why you dislike it and a suggestion for a
better way.
GUI Reference documents
Although the GUI development of Wireshark is platform independant, the
Wireshark development team tries to
follow the GNOME Human Interface Guidelines (HIG) where appropriate.
This is the case, because both GNOME and Wireshark are based on the GTK+
toolkit and the GNOME HIG is excellently written and easy to understand.
For further reference, see the following documents:
GNOME Human Interface Guidelines at:
KDE user interface related documents at:
Win32 XXX - where are good Win32 styleguides available?
Adding/Extending Dialogs
This is usually the main area for contributing new user interface features.
XXX: add the various functions from gtk/dlg_utils.h
Common GTK programming pitfalls
There are some common pitfalls in GTK programming.
Usage of gtk_widget_show() / gtk_widget_show_all()
When a GTK widget is created it will be hidden by default. In order to
show it, a call to gtk_widget_show() has to be done.
It isn't necessary to do this for each and every widget created. A call
to
gtk_widget_show_all() on the parent of all the widgets in question
(e.g. a dialog window) can be done, so all of it's child widgets will
be shown too.