Wireshark-dev: Re: [Wireshark-dev] RUDP Plugin functional ?
From: "Jan Kokott" <Blind007@xxxxxx>
Date: Wed, 17 Jan 2007 14:05:25 +0100
Hi, and thx again. Still lot of things to learn. But the setting to 0 in the code itself has just been done to disable it, because it "collides with afs". At least that�s the comment in the .c file. Regards Jan -------- Original-Nachricht -------- Datum: Wed, 17 Jan 2007 13:59:20 +0100 Von: Sebastien Tandel <sebastien@xxxxxxxxx> An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx> Betreff: Re: [Wireshark-dev] RUDP Plugin functional ? > Hi, > > You have to change the port while wireshark is running and not in the > code of the RUDP dissector. You may do it in the protocol preferences > (Edit->Preferences->protocol RUDP). > > > Regards, > > Sebastien Tandel > > Jan Kokott wrote: > > Hi, > > > > and thanks for the info. I tried to build a packet out of the rfc908 > which defined rdp and not rudp. And the RDP Header consists of quite different > fields. > > > > Another thing I encountered was the line in the rudp plugin > > static guint udp_port = 0; > > I had to change this port to another one (ex.105) to get it working. > > > > At least I can now start to build the first parts of my zigbee plugin. > > > > Greetz > > Jan > > > > -------- Original-Nachricht -------- > > Datum: Mon, 15 Jan 2007 23:53:36 +0100 (CET) > > Von: Jaap Keuter <jaap.keuter@xxxxxxxxx> > > An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx> > > Betreff: Re: [Wireshark-dev] RUDP Plugin functional ? > > > > > >> Hi, > >> > >> RUDP is implemented as a plugin. Its default UDP port is 0, so you'll > have > >> to change this preference to get it to work, and I think a restart of > >> Wireshark as well. > >> Mind you, it's on top of UDP. > >> > >> Thanx, > >> Jaap > >> > >> On Mon, 15 Jan 2007, Jan Kokott wrote: > >> > >> > >>> That is correct. > >>> And as I said, I modified the packet to the definition of RUDP (rfc908 > >>> > >> Chapter 4). The only thing that is unmodified is the IP and Ethernet > >> Header.(with the modification in the Type declaration). > >> > >>> As much as i understand of RUDP it is also encapsulated in IP so I > added > >>> > >> the Information to the existing body. > >> > >>> Did anybody test the plugin recently ? > >>> I just wanted to know if it does what it´s supposed to do and why > it > >>> > >> analyses my packet, regardless of the plugin being installed or the > plugin > >> removed. > >> > >>> > >>> > >>> -------- Original-Nachricht -------- > >>> Datum: Mon, 15 Jan 2007 20:07:22 +0100 > >>> Von: Andreas Fink <afink@xxxxxxxxxxxxx> > >>> An: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx> > >>> Betreff: Re: [Wireshark-dev] RUDP Plugin functional ? > >>> > >>> > >>>> I dont think a TCP Ack packet looks any similar to a RUDP ACK packet. > >>>> Simply because RUDP is a UDP packet and then a IP packet while a TCP > >>>> ACK packet is a IP packet. Also the structuring of ACK packets in > >>>> RUDP and TCP are totally different. > >>>> > >>>> On 15.01.2007, at 17:57, Jan Kokott wrote: > >>>> > >>>> > >>>>> Hi, > >>>>> > >>>>> is the RUDP Plugin working ? > >>>>> I am trying around a bit with it in order to see how my own > >>>>> dissector should work. > >>>>> I tried to build a little rudp-ack packet out of a tcp-ack packet > >>>>> which I modified with an editor(Protocol-Type 0x1b...). > >>>>> The Info column says "Reliable Data (ox1b)" but that´s all. > >>>>> The Ethernet and IP Header are fragmented correctly, but everything > >>>>> after the Destination IP is marked as "Data". > >>>>> When I delete the .la and the .so from the plugin folder, rudp isn > >>>>> ´t listed in the plugin section anymore. > >>>>> But Wireshark displays the same info about my packet "Reliable Data > >>>>> (ox1b)" and insists on "Data" instead of reading the rudp Header. > >>>>> I was just playing around with an easy to understand plugin in > >>>>> order to get my own up and working. > >>>>> > >>>>> Greetz Jan > >>>>> _______________________________________________ > >>>>> Wireshark-dev mailing list > >>>>> Wireshark-dev@xxxxxxxxxxxxx > >>>>> http://www.wireshark.org/mailman/listinfo/wireshark-dev > >>>>> > >>>> > >>>> > >>>> > >>>> Andreas Fink > >>>> > >>>> Fink Consulting GmbH > >>>> Global Networks Schweiz AG > >>>> BebbiCell AG > >>>> > >>>> --------------------------------------------------------------- > >>>> Tel: +41-61-6666330 Fax: +41-61-6666331 Mobile: +41-79-2457333 > >>>> Address: Clarastrasse 3, 4058 Basel, Switzerland > >>>> E-Mail: andreas@xxxxxxxx > >>>> www.finkconsulting.com www.global-networks.ch www.bebbicell.ch > >>>> --------------------------------------------------------------- > >>>> ICQ: 8239353 MSN: msn1@xxxxxx AIM: smsrelay Skype: andreasfink > >>>> Yahoo: finkconsulting SMS: +41792457333 > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>> _______________________________________________ > >>> Wireshark-dev mailing list > >>> Wireshark-dev@xxxxxxxxxxxxx > >>> http://www.wireshark.org/mailman/listinfo/wireshark-dev > >>> > >>> > >>> > > _______________________________________________ > > Wireshark-dev mailing list > > Wireshark-dev@xxxxxxxxxxxxx > > http://www.wireshark.org/mailman/listinfo/wireshark-dev > > > > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@xxxxxxxxxxxxx > http://www.wireshark.org/mailman/listinfo/wireshark-dev
- References:
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Jaap Keuter
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Jan Kokott
- Re: [Wireshark-dev] RUDP Plugin functional ?
- From: Sebastien Tandel
- Re: [Wireshark-dev] RUDP Plugin functional ?
- Prev by Date: Re: [Wireshark-dev] RUDP Plugin functional ?
- Next by Date: Re: [Wireshark-dev] write plugin following README.plugins
- Previous by thread: Re: [Wireshark-dev] RUDP Plugin functional ?
- Next by thread: [Wireshark-dev] Supply remote interface to wireshark
- Index(es):