Wireshark-dev: Re: [Wireshark-dev] Linux Dissector Example

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: warlord <warlord@xxxxxxxxxxx>
Date: Fri, 28 Dec 2007 13:55:38 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hi Steve

Thanks for that email. This really helped a lot. I thought I had to do a
module. This does look way easier indeed. I'm gonna start my work there.

I don't intend to add new GUI functionality. I intend to hack wireshark
to do work it wasn't intended to do, but I'm very optimistic it'll do
just great. I hope to get it up and running quickly and maybe have a
screenshot soon :>

wrl

Stephen Fisher wrote:
> On Fri, Dec 28, 2007 at 10:47:57AM +0100, warlord wrote:
> 
>> So all I am looking for now is a very simple example dissector which I 
>> can compile and use in Linux. I hope/suppose I can find my way from 
>> there. I do realize I can look at all the folders in trunk/, but they 
>> seem to usually contain a gazillion lines of code. I'd prefer a 
>> smaller example.
> 
> I would highly recommend trying to create a built-in dissector instead 
> of a plug-in, at least for your first attempts, as it is much simplier 
> to do.  Either start with the dissector code in README.developer 
> (starting with the "Cut here" text) or Copy a simple dissector such as 
> LLT to a new name replacing <proto> with the name of your dissector.
> 
>  cp epan/dissectors/packet-llt.c epan/dissectors/packet-<proto>.c
> 
> Then add packet-<proto>.c to epan/dissectors/Makefile.common under 
> CLEAN_DISSECTOR_SRC (note that it's in alphabetical order).
> 
> Then run make again and your dissector will be included.
> 
>> My intention is to add a completely different set of functionality to 
>> Wireshark, which could be quite useful for a bigger bunch of people.
> 
> Great!  Remember that dissectors only interpret protocols, if you want 
> to add new GUI functionality to Wireshark for example, we'll need to 
> show you a different set of sample files to go off of.
> 
> 
> Steve
> 
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev


- --
dreaming in digital - living in realtime - thinking in binary - talking
in IP - welcome to our world

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHdPJK9A36oltxjVQRA5gTAKCv0weHn/EADY/cKfxNL2Uki8GrLwCgkvOE
Ss+WQ1e3Swm98jRUMkXS9/E=
=XisB
-----END PGP SIGNATURE-----