Wireshark-dev: [Wireshark-dev] Query on User DLTs table.
Date: Tue, 24 Aug 2010 15:12:59 +0530

Hello,

I have a query on “User DLTs table” window on Wireshark.

My main intention is to dissect Wireshark plug-ins as independent plug-ins (I mean without dissecting the Data Link layer (Ethernet) and IP layers); I want to dissect the plug-ins directly on top of the IP layer.

I found the following webpage useful for my purpose.

http://wiki.wireshark.org/HowToDissectAnything

On the webpage he explained how to dissect the HTTP plug-in as an independent plug-in; in a similar way I want to dissect my plug-ins.

My question here is: in the Wireshark Edit → Preferences window, on selecting DLT_USER → Edit, in the User DLTs Table → New window, we have different DLT values ranging from 147 – 162, and the “Payload Protocol” field accepts only some protocols (e.g. HTTP, FTP, which I tried) for User 0 (DLT=147).

If I give HTTP in that field, I can dissect the HTTP layer directly without its bottom layers. Now how can I define my plug-in names there so that I can also dissect my plug-ins directly? Do I have to define the plug-in names somewhere in the code?

Please help with this.

Best regards,

Upendra
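
Added example, not part of the original post and not Wireshark code: a capture file for the setup described above can be produced by writing a classic pcap whose link type is one of the user DLTs (147 to 162), with each record holding only the bare payload and no Ethernet or IP headers. The function names, the output file name and the sample payload are constructed for illustration.

```python
import struct

DLT_USER0 = 147          # User 0, first value in the User DLTs table
DLT_USER15 = 162         # User 15, last value in the User DLTs table
PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps


def build_user_dlt_pcap(payloads, user_index=0, snaplen=65535):
    """Return classic pcap bytes whose link type is DLT_USER<user_index>."""
    if not 0 <= user_index <= DLT_USER15 - DLT_USER0:
        raise ValueError("user_index must be 0..15 (DLT 147..162)")
    linktype = DLT_USER0 + user_index
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    out = bytearray(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0,
                                snaplen, linktype))
    for seq, payload in enumerate(payloads):
        captured = payload[:snaplen]
        # Record header: ts_sec, ts_usec, captured length, original length
        out += struct.pack("<IIII", seq, 0, len(captured), len(payload))
        out += captured  # bare payload, no lower-layer headers
    return bytes(out)


def read_records(pcap_bytes):
    """Parse the bytes back and return (linktype, [payload, ...])."""
    fields = struct.unpack_from("<IHHiIII", pcap_bytes, 0)
    if fields[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian classic pcap")
    linktype, offset, records = fields[6], 24, []
    while offset < len(pcap_bytes):
        _sec, _usec, incl_len, _orig = struct.unpack_from("<IIII",
                                                          pcap_bytes, offset)
        offset += 16
        records.append(pcap_bytes[offset:offset + incl_len])
        offset += incl_len
    return linktype, records


# Constructed sample payload: one HTTP request with nothing underneath it
SAMPLE = [b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"]

if __name__ == "__main__":
    with open("user0.pcap", "wb") as fh:  # hypothetical output file name
        fh.write(build_user_dlt_pcap(SAMPLE))
```

Opening the resulting file with User 0 (DLT=147) mapped to HTTP in the User DLTs table exercises the configuration described in the message.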

 

 
