Does following
scenario occur with anybody's installation, too?
I am using Visual
Studio 8 to compile wireshark and my dissector. Everything works fine, so
far.
But
when I put
my dissector dll on another machine, where the original Wireshark (0.99.6) is
installed, Wireshark shows strange behaviour regarding
dissection.
Randomly some single
packets are shown (using proto_tree_add_debug_text) with the value
pinfo->fd->flags.visited as TRUE when opening a file.
I guess this should
not be the normal behaviour?
This happens even
when compiling an "empty" dissector which does nothing else than show the
visited flag.
Attached you can
find the dll and the source for it, also one capture file for
testing.
Details of my VS
Installation:
Microsoft Visual Studio 2005
Version
8.0.50727.42 (RTM.050727-4200)
Microsoft .NET Framework
Version
2.0.50727
Installed Edition: Enterprise
I would greatly
appreciate help, comments, sweets, donations.. ;)
Frank
Attachment:
visited.dll
Description: visited.dll
Attachment:
packet-visited.c
Description: packet-visited.c
Attachment:
temp.pcap
Description: temp.pcap
