Wireshark · Ethereal-dev: Re: [Ethereal-dev] Add dialogs using plugins

Ethereal-dev: Re: [Ethereal-dev] Add dialogs using plugins

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Fri, 29 Sep 2006 01:33:23 -0700

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------

Broadway, Joshua Paul - BROJP002 wrote:

-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-dev@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-dev
-------------------



------------------------------------------------------------------------

Hi all,

I'm very new to Ethereal and I'm interested in developing plugins for it.

I'm interested in using Ethereal for producing output in differentformats (other than standard Ethereal GUI format) to make it easier forthe user to extract information from the packet data.

Note that, as per the item added to your mail by the Ethereal mailinglist software, none of the former Ethereal core team are working onEthereal any more - they're all working on Wireshark.

As such, no new Ethereal releases have come out in a while, and no bugfixing or new feature work has been done on Ethereal. That work isbeing done on Wireshark.

In the developer help pages there's a section (9.4) about how toadd/extend dialogs. However there's no useful information in the section.
Is it possible to develop plugins for Ethereal that create and displaynew dialogs to the user? Or are the plugins limited to extracting newprotocol information from the data?


Currently, two types of plugins can be written:

1) dissectors, which can only dissect packet data and add informationto the summary line and the packet details;

2) taps, which can process data handed to them by a dissector or canprocess the raw protocol tree.

Dissectors are limited to extracting new protocol information from thedata. Taps could probably do the sort of processing you want.

If it is possible to develop new dialogs, are there some some resourcesthat I could be pointed to for reference?


See docs/README.tapping for some information on writing a tap.

See tap-protohierstat.c for an example of a tap that processes the rawprotocol tree.


See plugins/stats_tree for an example of a plugin tap.
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev

References:
- [Ethereal-dev] Add dialogs using plugins
  - From: Broadway, Joshua Paul - BROJP002

Prev by Date: [Ethereal-dev] Add dialogs using plugins
Next by Date: [Ethereal-dev] ¡Oferta de empleo increible!
Previous by thread: [Ethereal-dev] Add dialogs using plugins
Next by thread: [Ethereal-dev] ¡Oferta de empleo increible!
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$