harsha ss wrote:
Thank you,
I am going through the same steps as u said.Its Ok with the
problem of linking i can generate .lo files of my dissector file.
I have added three functions initially ie one to register the new
protocol.In that the dissect_xxx is called as the parameter(I think call
back routine).
1. From where actually the dissect_xxx is called because I need to call
the column utilities in that function.
If the dissector is for a link-layer protocol, i.e. a protocol not
encapsulated in another protocol, there needs to be a Wiretap link-layer
type for it, and it would register in the "wtap_encap" dissector table
using the Wiretap link-layer type as the value. See, for example, the
"dissector_add()" call in "packet-fddi.c".
If it's for a protocol encapsulated inside another protocol, it'd either
have to register in a dissector table for that other protocol or that
other protocol's dissector needs to be modified to get a dissector
handle for your dissector and call it through the handle.
If the protocol is both at the top level (i.e., a link-layer protocol)
and encapsulated inside other protocols, it'd do both.
2. What else need to do after registering the new dissector file packet.
Registering the dissector in the fashion I described above should be
sufficient.
3. Shall I use the existing encapsulation type of any to do my decoding.
You haven't told us what the link-layer protocol is, so we don't know
whether an existing encapsulation type can be used. What type of
packets do the files in your new file format contain? Ethernet packets?
PPP packets? Some other type of packet?