Wireshark-dev: Re: [Wireshark-dev] RUDP Plugin functional ?

From: "Jan Kokott" <Blind007@xxxxxx>
Date: Wed, 17 Jan 2007 13:54:36 +0100
Hi,

and thanks for the info. I tried to build a packet out of the rfc908 which defined rdp and not rudp. And the RDP Header consists of quite different fields.

Another thing I encountered was the line in the rudp plugin 
  static guint udp_port = 0;
I had to change this port to another one (ex.105) to get it working.

At least I can now start to build the first parts of my zigbee plugin.

Greetz 
Jan

-------- Original-Nachricht --------
Datum: Mon, 15 Jan 2007 23:53:36 +0100 (CET)
Von: Jaap Keuter <jaap.keuter@xxxxxxxxx>
An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Betreff: Re: [Wireshark-dev] RUDP Plugin functional ?

> Hi,
> 
> RUDP is implemented as a plugin. Its default UDP port is 0, so you'll have
> to change this preference to get it to work, and I think a restart of
> Wireshark as well.
> Mind you, it's on top of UDP.
> 
> Thanx,
> Jaap
> 
> On Mon, 15 Jan 2007, Jan Kokott wrote:
> 
> > That is correct.
> > And as I said, I modified the packet to the definition of RUDP (rfc908
> Chapter 4). The only thing that is unmodified is the IP and Ethernet
> Header.(with the modification in the Type declaration).
> > As much as i understand of RUDP it is also encapsulated in IP so I added
> the Information to the existing body.
> > Did anybody test the plugin recently ?
> > I just wanted to know if it does what it´s supposed to do and why it
> analyses my packet, regardless of the plugin being installed or the plugin
> removed.
> >
> >
> >
> >
> > -------- Original-Nachricht --------
> > Datum: Mon, 15 Jan 2007 20:07:22 +0100
> > Von: Andreas Fink <afink@xxxxxxxxxxxxx>
> > An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
> > Betreff: Re: [Wireshark-dev] RUDP Plugin functional ?
> >
> > > I dont think a TCP Ack packet looks any similar to a RUDP ACK packet.
> > > Simply because RUDP is a UDP packet and then a IP packet while a TCP
> > > ACK packet is a IP packet. Also the structuring of ACK packets in
> > > RUDP and TCP are totally different.
> > >
> > > On 15.01.2007, at 17:57, Jan Kokott wrote:
> > >
> > > > Hi,
> > > >
> > > > is the RUDP Plugin working ?
> > > > I am trying around a bit with it in order to see how my own
> > > > dissector should work.
> > > > I tried to build a little rudp-ack packet out of a tcp-ack packet
> > > > which I modified with an editor(Protocol-Type 0x1b...).
> > > > The Info column says "Reliable Data (ox1b)" but that´s all.
> > > > The Ethernet and IP Header are fragmented correctly, but everything
> > > > after the Destination IP is marked as "Data".
> > > > When I delete the .la and the .so from the plugin folder, rudp isn
> > > > ´t listed in the plugin section anymore.
> > > > But Wireshark displays the same info about my packet "Reliable Data
> > > > (ox1b)" and insists on "Data" instead of reading the rudp Header.
> > > > I was just playing around with an easy to understand plugin in
> > > > order to get my own up and working.
> > > >
> > > > Greetz   Jan
> > > > _______________________________________________
> > > > Wireshark-dev mailing list
> > > > Wireshark-dev@xxxxxxxxxxxxx
> > > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > >
> > >
> > >
> > >
> > >
> > > Andreas Fink
> > >
> > > Fink Consulting GmbH
> > > Global Networks Schweiz AG
> > > BebbiCell AG
> > >
> > > ---------------------------------------------------------------
> > > Tel: +41-61-6666330 Fax: +41-61-6666331  Mobile: +41-79-2457333
> > > Address: Clarastrasse 3, 4058 Basel, Switzerland
> > > E-Mail:  andreas@xxxxxxxx
> > > www.finkconsulting.com www.global-networks.ch www.bebbicell.ch
> > > ---------------------------------------------------------------
> > > ICQ: 8239353 MSN: msn1@xxxxxx AIM: smsrelay Skype: andreasfink
> > > Yahoo: finkconsulting SMS: +41792457333
> > >
> > >
> > >
> > >
> > >
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
> >
>