Ethereal-users: RE: [Ethereal-users] Creating a dissector

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Parks, Chauni" <chauni.parks@xxxxxxxx>
Date: Fri, 06 Dec 2002 15:46:22 -0500
I am using Linux 2-4-18 Red hat Linux 6.2. I haven't tried that last part
you mentioned. When I do I will definitely let you know.

Guy, thanks for your help.

Chauni
********************************************************
Chaunita J. Parks	
Lockheed Martin NE&SS Manassas, VA 20110
Mail Drop 105/019
Phone: (703) 367 4084  Fax:(703) 367 5067 Lab:(703)367 5384
Email: chauni.parks@xxxxxxxx





-----Original Message-----
From: Guy Harris [mailto:guy@xxxxxxxxxx] 
Sent: Friday, December 06, 2002 3:41 PM
To: Parks, Chauni
Cc: 'ethereal-users@xxxxxxxxxxxx'
Subject: Re: [Ethereal-users] Creating a dissector


On Fri, Dec 06, 2002 at 03:32:51PM -0500, Parks, Chauni wrote:
> The dissector is registering using:
> 
> dissector_add("tcp.port", {port number}, {handle});
> 
> I am not a developer,

You've written a dissector; therefore, you are now a developer. :-)

> so I am using the other protocol dissectors that run
> atop TCP as guides. However, I check the register.c file and noticed 
> that my dissector was not listed in that file. Am I suppose to see it 
> there?

Not if it's a plugin.  "register.c" is a list of register routines (phase 1
routines, which are the "proto_register_" routines called by
"register_all_protocols()", and phase 2 routines, which are the
"proto_reg_handoff_" routines called by
"register_all_protocol_handoffs()") for *built-in* dissectors; that list is
compiled into Ethereal, so it can't be used for plugins, which are loaded
into Ethereal when it starts.

Plugin dissectors' register routines are a bit different - the phase 1
registration routine (which registers the protocol, etc.) should be called
"plugin_init()" (or called by "plugin_init()"), and the phase 2 routine
should be called "plugin_reg_handoff()") (or called by
"plugin_reg_handoff()").

What happens if you select a TCP packet to or from the port number in your
"dissector_add()" call, and then use the right mouse button (assuming you're
not doing this on MacOS X :-)) and select the "Decode As..." menu item?  If
your dissector was properly registered with "tcp.port", the list of
protocols in the "Transport" tab in that dialog box should include your
protocol; if it does, what happens if you select that protocol and click
"OK"?