Your best bet is to visit the wireshark website's developer info
section. In particular, you should read readme.DEVELOPER,
readme.PLUGINS, and readme.DISSECTORS (the latter is critical).
The dissectors one is long, but worth the read.
-Brian
Hal Lander wrote:
The protocol I want to dissect ' foo' is contained within the data of a UPD
packet.
Normall Wireshark would display the UPD packet showing it has a length of 44
bytes and displaying its source and destination. It would also show that the
UDP packet contains 36 bytes of data (which is where my protocol is).
Once I introduce my dissector using
dissector_add("udp.port", 2080, ff_handle);
Wireshark shows foo packets with a length of 44 and no other information.
I was expecting Wireshark to first dissect the UDP packet, then stat to
dissect my foo protocol in the data of the UDP.
I am obviously not understanding how to nest the dissectors, can anybody
point me in the right direction.
TIA
Hal
_________________________________________________________________
Get free, personalized commercial-free online radio with MSN Radio powered
by Pandora http://radio.msn.com/?icid=T002MSN03A07001
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
