Hi all,
I am presently working on the decoding and filtering of specific TCP message
data and I was wondering if you could give me a hint on the best way to
implement that.
What I want to do exactly is:
1) Have more info in the protocol tree window when a TCP message contains
specific data.
2) Decode that data when needed in a readable format.
3) Add display filter (in a readable) on the decoded data
This file contain an example of this type of message:
<<MessageExample>>
When parsing the messages included in that captured file, the message with
the frame number 47 will have to be displayed in the new section of the
protocol tree window because the data included in the message includes our
header.
When clicking to see the content of that message, the value 10 included in
the message data will have to be converted into a readable format, witch
make it a lot easier to know what was the message sent by the application.
Finally, it will have to be possible to filter that type of message from the
displayed packets.
Can I just add a new file called packet-xyz or do I have to add code to the
existing packet-tcp.c file or is they're a better way to do that?
Thanks in advance
Gilles
Attachment:
MessageExample
Description: Binary data
