Folks,
I have written a plugin that writes into the "protocol" and "info" columns" as follows:
if (check_col(pinfo->cinfo,COL_INFO)) { col_clear(pinfo->cinfo,COL_INFO); } if (check_col(pinfo->cinfo,COL_PROTOCOL)) { col_set_str(pinfo->cinfo,COL_PROTOCOL, "My Protocol"); }
I compiled against the 0.99.5 header files and run with the 0.99.5 version of wireshark,
the protocol column gets updated with the correct info.
However, when I use the same plugin with 0.99.7 version of wireshark, the protocol column shows "UDP" (which is the lower layer protocol. Any idea what is going on?
Similarly, the "Info" column get over written with udp message and not what I want to write into that column.
Thanks,
--Mahesh
Going green? See the top 12 foods to eat organic.
|