Hi,
I have recently written a plugin to decode a protocol that sits on top of TCP and carries IP data:
IP ------------------- TCP ------------------- MyProtocol ------------------- IP ------------------- ...
The principal intention of producing the plugin was to help characterise what was being carried in the MyProtocol payload. Running Wireshark with the plugin I have been able to see a variety of protocols that are carried in the payload (e.g. FTP, HTTP, YMSG) in the main dissection table. The problem is that when I open the Protocol Hierarchy Statistics window and expand the TCP tree, only MyProtocol is listed without any expansion option. If someone could please tell me, and hopefully provide an example of, what I need to add to my plugin code in order to capture statistics as to the payload that is being carried then it would be really appreciated.
Thanks a lot, Oli.
Do you know a place like the back of your hand? Share local knowledge with BackOfMyHand.com
|