Wireshark-dev: Re: [Wireshark-dev] RUDP Plugin functional ?
From: Sebastien Tandel <sebastien@xxxxxxxxx>
Date: Wed, 17 Jan 2007 13:59:20 +0100
Hi, You have to change the port while wireshark is running and not in the code of the RUDP dissector. You may do it in the protocol preferences (Edit->Preferences->protocol RUDP). Regards, Sebastien Tandel Jan Kokott wrote: > Hi, > > and thanks for the info. I tried to build a packet out of the rfc908 which defined rdp and not rudp. And the RDP Header consists of quite different fields. > > Another thing I encountered was the line in the rudp plugin > static guint udp_port = 0; > I had to change this port to another one (ex.105) to get it working. > > At least I can now start to build the first parts of my zigbee plugin. > > Greetz > Jan > > -------- Original-Nachricht -------- > Datum: Mon, 15 Jan 2007 23:53:36 +0100 (CET) > Von: Jaap Keuter <jaap.keuter@xxxxxxxxx> > An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx> > Betreff: Re: [Wireshark-dev] RUDP Plugin functional ? > > >> Hi, >> >> RUDP is implemented as a plugin. Its default UDP port is 0, so you'll have >> to change this preference to get it to work, and I think a restart of >> Wireshark as well. >> Mind you, it's on top of UDP. >> >> Thanx, >> Jaap >> >> On Mon, 15 Jan 2007, Jan Kokott wrote: >> >> >>> That is correct. >>> And as I said, I modified the packet to the definition of RUDP (rfc908 >>> >> Chapter 4). The only thing that is unmodified is the IP and Ethernet >> Header.(with the modification in the Type declaration). >> >>> As much as i understand of RUDP it is also encapsulated in IP so I added >>> >> the Information to the existing body. >> >>> Did anybody test the plugin recently ? >>> I just wanted to know if it does what it´s supposed to do and why it >>> >> analyses my packet, regardless of the plugin being installed or the plugin >> removed. >> >>> >>> >>> -------- Original-Nachricht -------- >>> Datum: Mon, 15 Jan 2007 20:07:22 +0100 >>> Von: Andreas Fink <afink@xxxxxxxxxxxxx> >>> An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx> >>> Betreff: Re: [Wireshark-dev] RUDP Plugin functional ? >>> >>> >>>> I dont think a TCP Ack packet looks any similar to a RUDP ACK packet. >>>> Simply because RUDP is a UDP packet and then a IP packet while a TCP >>>> ACK packet is a IP packet. Also the structuring of ACK packets in >>>> RUDP and TCP are totally different. >>>> >>>> On 15.01.2007, at 17:57, Jan Kokott wrote: >>>> >>>> >>>>> Hi, >>>>> >>>>> is the RUDP Plugin working ? >>>>> I am trying around a bit with it in order to see how my own >>>>> dissector should work. >>>>> I tried to build a little rudp-ack packet out of a tcp-ack packet >>>>> which I modified with an editor(Protocol-Type 0x1b...). >>>>> The Info column says "Reliable Data (ox1b)" but that´s all. >>>>> The Ethernet and IP Header are fragmented correctly, but everything >>>>> after the Destination IP is marked as "Data". >>>>> When I delete the .la and the .so from the plugin folder, rudp isn >>>>> ´t listed in the plugin section anymore. >>>>> But Wireshark displays the same info about my packet "Reliable Data >>>>> (ox1b)" and insists on "Data" instead of reading the rudp Header. >>>>> I was just playing around with an easy to understand plugin in >>>>> order to get my own up and working. >>>>> >>>>> Greetz Jan >>>>> _______________________________________________ >>>>> Wireshark-dev mailing list >>>>> Wireshark-dev@xxxxxxxxxxxxx >>>>> http://www.wireshark.org/mailman/listinfo/wireshark-dev >>>>> >>>> >>>> >>>> >>>> Andreas Fink >>>> >>>> Fink Consulting GmbH >>>> Global Networks Schweiz AG >>>> BebbiCell AG >>>> >>>> --------------------------------------------------------------- >>>> Tel: +41-61-6666330 Fax: +41-61-6666331 Mobile: +41-79-2457333 >>>> Address: Clarastrasse 3, 4058 Basel, Switzerland >>>> E-Mail: andreas@xxxxxxxx >>>> www.finkconsulting.com www.global-networks.ch www.bebbicell.ch >>>> --------------------------------------------------------------- >>>> ICQ: 8239353 MSN: msn1@xxxxxx AIM: smsrelay Skype: andreasfink >>>> Yahoo: finkconsulting SMS: +41792457333 >>>> >>>> >>>> >>>> >>>> >>>> >>> _______________________________________________ >>> Wireshark-dev mailing list >>> Wireshark-dev@xxxxxxxxxxxxx >>> http://www.wireshark.org/mailman/listinfo/wireshark-dev >>> >>> >>> > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@xxxxxxxxxxxxx > http://www.wireshark.org/mailman/listinfo/wireshark-dev >
- Follow-Ups:
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Jan Kokott
- Re: [Wireshark-dev] RUDP Plugin functional ?
- References:
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Jaap Keuter
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Jan Kokott
- Re: [Wireshark-dev] RUDP Plugin functional ?
- Prev by Date: Re: [Wireshark-dev] write plugin following README.plugins
- Next by Date: Re: [Wireshark-dev] RUDP Plugin functional ?
- Previous by thread: Re: [Wireshark-dev] RUDP Plugin functional ?
- Next by thread: Re: [Wireshark-dev] RUDP Plugin functional ?
- Index(es):