Wireshark-users: [Wireshark-users] my first dissector
Date: Tue, 07 Apr 2015 19:50:35 +0000
Dear all,

I'm trying to write my first Wireshark dissector. As an example, I looked at http://protomatics.com/wireshark_dissector.html and the nice Wireshark Wiki pages.

I have installed on my Mac a Homebrew version of wireshark in:
/usr/local/Cellar/wireshark/1.12.4/

I checked out the v1.12.4 version in git:
$ git status
HEAD detached at v1.12.4

If I copy the created .so file to /usr/local/Cellar/wireshark/1.12.4/lib/wireshark/plugins/1.12.4/
and start wireshark-qt, the program terminates with:
ERROR:/Users/sjaak/WiresharkPlugins/wireshark/epan/wmem/wmem_scopes.c:124:wmem_epan_scope: assertion failed: (epan_scope)
Abort trap: 6 (core dumped)

I hope there's somebody out there who can easily see what's wrong? I don't know if I'm doing something wrong or there's a problem with the code.

Thanks,
Sjaak.


I modified a few makesfiles and used cmake to build everything. That part seems to work fine (no errors and I get an .so file in the 'run' folder).

I have these files in the wireshark/plugins/mytest folder:
CMakeLists.txt			Makefile.nmake			packet-mytest.c
Makefile.am			moduleinfo.h			plugin.c
Makefile.common			moduleinfo.nmake		plugin.rc.in

And packet-mytest.c looks like this:


#include "config.h"

#include <epan/packet.h>

#define MYTEST_PORT 1234

static int proto_mytest_10 = -1;
static gint ett_mytest_10 = -1;

static void dissect_mytest10(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    col_set_str(pinfo->cinfo, COL_PROTOCOL, "MYTEST10");
    col_clear(pinfo->cinfo, COL_INFO);

    if (tree)
    {
        proto_item *ti = proto_tree_add_item(tree, proto_mytest_10, tvb, 0, -1, FALSE);
        tree = proto_item_add_subtree(ti, ett_mytest_10);
    }
}

void proto_register_mytest10(void)
{
    /* Setup protocol subtree array */
    static int *ett[] = { &ett_mytest_10 };

    proto_mytest_10 = proto_register_protocol(
        "MYTEST v1.0 Protocol", // name
        "MYTEST10", // short name
        "mytest10"); // abbrev

    proto_register_subtree_array(ett, array_length(ett));
}

void proto_reg_handoff_mytest10(void)
{
    static dissector_handle_t mytest10_handle;

    mytest10_handle = create_dissector_handle(dissect_mytest10, proto_mytest_10);
    dissector_add_uint("tcp.port", MYTEST10_PORT, mytest10_handle);
}





----
Sent using GuerrillaMail.com
Block or report abuse: https://www.guerrillamail.com/abuse/?a=VkhmAB4IQqYexRun9WwMUgPOX8%2BD2tZCzOpNbtg%3D