Dear all,
I'm trying to write my first Wireshark dissector. As an example, I looked at http://protomatics.com/wireshark_dissector.html and the nice Wireshark Wiki pages.
I have installed on my Mac a Homebrew version of wireshark in:
/usr/local/Cellar/wireshark/1.12.4/
I checked out the v1.12.4 version in git:
$ git status
HEAD detached at v1.12.4
If I copy the created .so file to /usr/local/Cellar/wireshark/1.12.4/lib/wireshark/plugins/1.12.4/
and start wireshark-qt, the program terminates with:
ERROR:/Users/sjaak/WiresharkPlugins/wireshark/epan/wmem/wmem_scopes.c:124:wmem_epan_scope: assertion failed: (epan_scope)
Abort trap: 6 (core dumped)
I hope there's somebody out there who can easily see what's wrong? I don't know if I'm doing something wrong or there's a problem with the code.
Thanks,
Sjaak.
I modified a few makefiles and used cmake to build everything. That part seems to work fine (no errors and I get an .so file in the 'run' folder).
I have these files in the wireshark/plugins/mytest folder:
CMakeLists.txt Makefile.nmake packet-mytest.c
Makefile.am moduleinfo.h plugin.c
Makefile.common moduleinfo.nmake plugin.rc.in
And packet-mytest.c looks like this:
#include "config.h"
#include <epan/packet.h>

/* TCP port the dissector is registered on */
#define MYTEST_PORT 1234

/* Protocol and subtree ids, assigned at registration time */
static int proto_mytest_10 = -1;
static gint ett_mytest_10 = -1;

static void dissect_mytest10(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    col_set_str(pinfo->cinfo, COL_PROTOCOL, "MYTEST10");
    col_clear(pinfo->cinfo, COL_INFO);

    if (tree)
    {
        /* Add one item covering the whole packet and open a subtree under it */
        proto_item *ti = proto_tree_add_item(tree, proto_mytest_10, tvb, 0, -1, ENC_NA);
        tree = proto_item_add_subtree(ti, ett_mytest_10);
    }
}

void proto_register_mytest10(void)
{
    /* Setup protocol subtree array */
    static int *ett[] = { &ett_mytest_10 };

    proto_mytest_10 = proto_register_protocol(
        "MYTEST v1.0 Protocol", // name
        "MYTEST10",             // short name
        "mytest10");            // abbrev

    proto_register_subtree_array(ett, array_length(ett));
}

void proto_reg_handoff_mytest10(void)
{
    static dissector_handle_t mytest10_handle;

    mytest10_handle = create_dissector_handle(dissect_mytest10, proto_mytest_10);
    /* Use the port macro defined above (the original referenced an undefined MYTEST10_PORT) */
    dissector_add_uint("tcp.port", MYTEST_PORT, mytest10_handle);
}