Wireshark-dev: Re: [Wireshark-dev] Disectors & conversations
From: "Cook, Timothy" <tcook@xxxxxxxxxxxxxxxxxx>
Date: Thu, 22 Jun 2006 11:05:03 -0400
Thanks for the info. I have yet another question.

Using the routine proto_tree_add_item() to add a signed value to the Protocol tree displays the value in HEX (as expected) & a decimal value in parens. How can I prevent the decimal value from being displayed?

-Tim

> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
> Sent: Wednesday, June 21, 2006 1:13 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Disectors & conversations
>
> Hi,
>
> Technically the TCP ACK only packet isn't part of your
> protocol, it's an underlying mechanism that transports the
> data for you. The whole idea of protocol layers is that they
> are independent, it should be possible to replace TCP with
> another stream protocol and your application still works.
> Think of UNIX sockets for instance. That is why you shouldn't
> be concerned with that in relation to your protocol.
>
> Thanx,
> Jaap
>
> On Wed, 21 Jun 2006, Cook, Timothy wrote:
>
> > Isn't it true that myDissector only gets called if the TCP data
> > length > 0? Therefore, a TCP ACK (data length = 0) will not cause
> > myDissector to be called.
> >
> > I'm new to this whole process!
> >
> > -Tim
> >
> > > -----Original Message-----
> > > From: wireshark-dev-bounces@xxxxxxxxxxxxx
> > > [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
> > > Sent: Wednesday, June 21, 2006 11:59 AM
> > > To: Developer support list for Wireshark
> > > Subject: Re: [Wireshark-dev] Disectors & conversations
> > >
> > > Hi,
> > >
> > > How about
> > >
> > > if (check_col(pinfo->cinfo, COL_PROTOCOL))
> > > {
> > >     col_set_str(pinfo->cinfo, COL_PROTOCOL, "myProtocol" );
> > > }
> > >
> > > Thanx,
> > > Jaap
> > >
> > > On Wed, 21 Jun 2006, Cook, Timothy wrote:
> > >
> > > > We have written a new dissector for Wireshark. Using the
> > > > README.developer (plus other dissector examples) made the creation
> > > > very simple (thanks for the detailed info).
> > > >
> > > > My dissector hooks TCP port 1000.
> > > >
> > > > How can I hook TCP packets (SYN/FIN/RST/...) and change the Protocol
> > > > column data to mimic the respective dissector?
> > > >
> > > > I want to be able to filter based on the protocol & get the whole
> > > > conversation, including the channel open & close.
> > > >
> > > > -Tim
> > >
> > > _______________________________________________
> > > Wireshark-dev mailing list
> > > Wireshark-dev@xxxxxxxxxxxxx
> > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > >
> > > _____________________________________________________________________________
> > > Scanned by IBM Email Security Management Services powered by
> > > MessageLabs. For more information please visit
> > > http://www.ers.ibm.com
> > > _____________________________________________________________________________