Wireshark-dev: Re: [Wireshark-dev] problem to register own protoco...
From: "Abhik Sarkar" <sarkar.abhik@xxxxxxxxx>
Date: Thu, 12 Jun 2008 15:08:25 +0400
Sub-dissectors can't be added against protocol fields, but against dissector tables. H225 registers the following tables: nsp_object_dissector_table = register_dissector_table("h225.nsp.object", "H.225 NonStandardParameter (object)", FT_STRING, BASE_NONE); nsp_h221_dissector_table = register_dissector_table("h225.nsp.h221", "H.225 NonStandardParameter (h221)", FT_UINT32, BASE_HEX); tp_dissector_table = register_dissector_table("h225.tp", "H.225 TunnelledProtocol", FT_STRING, BASE_NONE); gef_name_dissector_table = register_dissector_table("h225.gef.name", "H.225 Generic Extensible Framework (names)", FT_STRING, BASE_NONE); gef_content_dissector_table = register_dissector_table("h225.gef.content", "H.225 Generic Extensible Framework", FT_STRING, BASE_NONE); So you have to see which one you need to register against... it is probably "h225.tp". There is also a discussion in this thread: http://www.wireshark.org/lists/wireshark-dev/200707/msg00214.html which _might_ be of use. HTH Abhik. On Thu, Jun 12, 2008 at 1:24 PM, H F <sam5919@xxxxxxxxxx> wrote: > > > Hi!!! > > > > I'm writing a plugin for our program's own protocol, which encapsulates a > whole 'q931' package in user-user (look at the end of massage in red ) > > > > But I have problem to register own protocol! > > I'm missing the dissector_add() in my (sub)dissector > > > > void > > proto_reg_handoff_mytype(void) > > { > > static gboolean initialized = FALSE; > > > > if (!initialized) { > > H323UserInformation_handle= find_dissector("h323ui"); > > ipnet_handle= create_dissector_handle(dissect_mytype, proto_mytype); > > dissector_add("h225.messageContent_item",0xFE,mytype_handle); > > /*0xFE for identifier my protcol */ > > initialized = TRUE; > > }; > > }; > > > > But when wireshark build !! I get the error: > > ** ERROR:(packet.c:697):???: assertion failed: (sub_dissectors) > > > > > > > > No. Time Source Destination Protocol > Info > > 203 15.094231 10.24.30.13 10.24.30.15 Q.931 CS: > setup SETUP > > > > Frame 203 (210 bytes on wire, 210 bytes captured) > > Arrival Time: Jun 2, 2008 17:57:50.481268000 > > [Time delta from previous captured frame: 0.016456000 seconds] > > [Time delta from previous displayed frame: 15.094231000 seconds] > > [Time since reference or first frame: 15.094231000 seconds] > > Frame Number: 203 > > Frame Length: 210 bytes > > Capture Length: 210 bytes > > [Frame is marked: False] > > [Protocols in frame: eth:ip:tcp:q931:q931:h225:q931] > > [Coloring Rule Name: TCP] > > [Coloring Rule String: tcp] > > Ethernet II, Src: Ericsson_fb:c0:9c (00:01:ec:fb:c0:9c), Dst: > Ericsson_52:f2:14 (00:80:37:52:f2:14) > > Destination: Ericsson_52:f2:14 (00:80:37:52:f2:14) > > Address: Ericsson_52:f2:14 (00:80:37:52:f2:14) > > .... ...0 .... .... .... .... = IG bit: Individual address (unicast) > > .... ..0. .... .... .... .... = LG bit: Globally unique address > (factory default) > > Source: Ericsson_fb:c0:9c (00:01:ec:fb:c0:9c) > > Address: Ericsson_fb:c0:9c (00:01:ec:fb:c0:9c) > > .... ...0 .... .... .... .... = IG bit: Individual address (unicast) > > .... ..0. .... .... .... .... = LG bit: Globally unique address > (factory default) > > Type: IP (0x0800) > > Internet Protocol, Src: 10.24.30.13 (10.24.30.13), Dst: 10.24.30.15 > (10.24.30.15) > > Version: 4 > > Header length: 20 bytes > > Differentiated Services Field: 0xb8 (DSCP 0x2e: Expedited Forwarding; > ECN: 0x00) > > 1011 10.. = Differentiated Services Codepoint: Expedited Forwarding > (0x2e) > > .... ..0. = ECN-Capable Transport (ECT): 0 > > .... ...0 = ECN-CE: 0 > > Total Length: 196 > > Identification: 0xf0fa (61690) > > Flags: 0x00 > > 0... = Reserved bit: Not set > > .0.. = Don't fragment: Not set > > ..0. = More fragments: Not set > > Fragment offset: 0 > > Time to live: 64 > > Protocol: TCP (0x06) > > Header checksum: 0x3836 [correct] > > [Good: True] > > [Bad : False] > > Source: 10.24.30.13 (10.24.30.13) > > Destination: 10.24.30.15 (10.24.30.15) > > Transmission Control Protocol, Src Port: mxomss (1141), Dst Port: > h323hostcall (1720), Seq: 1, Ack: 1, Len: 156 > > Source port: mxomss (1141) > > Destination port: h323hostcall (1720) > > Sequence number: 1 (relative sequence number) > > [Next sequence number: 157 (relative sequence number)] > > Acknowledgement number: 1 (relative ack number) > > Header length: 20 bytes > > Flags: 0x18 (PSH, ACK) > > 0... .... = Congestion Window Reduced (CWR): Not set > > .0.. .... = ECN-Echo: Not set > > ..0. .... = Urgent: Not set > > ...1 .... = Acknowledgment: Set > > .... 1... = Push: Set > > .... .0.. = Reset: Not set > > .... ..0. = Syn: Not set > > .... ...0 = Fin: Not set > > Window size: 5840 > > Checksum: 0xc1ad [validation disabled] > > [Good Checksum: False] > > [Bad Checksum: False] > > TPKT, Version: 3, Length: 156 > > Version: 3 > > Reserved: 0 > > Length: 156 > > Q.931 > > Protocol discriminator: Q.931 > > Call reference value length: 2 > > Call reference flag: Message sent from originating side > > Call reference value: 012A > > Message type: SETUP (0x05) > > Bearer capability > > Information element: Bearer capability > > Length: 3 > > 1... .... = Extension indicator: last octet > > .00. .... = Coding standard: ITU-T standardized coding (0x00) > > ...0 1000 = Information transfer capability: Unrestricted digital > information (0x08) > > 1... .... = Extension indicator: last octet > > .00. .... = Transfer mode: Circuit mode (0x00) > > ...1 0000 = Information transfer rate: 64 kbit/s (0x10) > > 1... .... = Extension indicator: last octet > > ...0 0101 = User information layer 1 protocol: Recommendation H.221 > and H.242 (0x05) > > Called party number: '129' > > Information element: Called party number > > Length: 4 > > .... 1001 = Numbering plan: Private numbering (0x09) > > .100 .... = Number type: Subscriber number (0x04) > > 1... .... = Extension indicator: last octet > > Called party number digits: 129 > > User-user > > Information element: User-user > > Length: 133 > > Protocol discriminator: X.208 and X.209 coded user information > > H.225.0 CS > > H323-UserInformation > > h323-uu-pdu > > h323-message-body: setup (0) > > setup > > protocolIdentifier: 0.0.8.2250.0.2 (Version 2) > > h245Address: ipAddress (0) > > ipAddress > > ip: 10.24.30.13 (10.24.30.13) > > port: 2002 > > sourceInfo > > .... ...0 mc: False > > 0... .... undefinedNode: False > > destinationAddress: 1 item > > Item 0 > > Item: dialedDigits (0) > > dialedDigits: 129 > > .... 0... activeMC: False > > conferenceID: 00000018-3e17-fb70-0008-467f00b63678 > > conferenceGoal: create (0) > > create: NULL > > callType: pointToPoint (0) > > pointToPoint: NULL > > sourceCallSignalAddress: ipAddress (0) > > ipAddress > > ip: 10.24.30.13 (10.24.30.13) > > port: 1720 > > callIdentifier > > guid: 00000018-3e17-fb70-0008-467f00b63678 > > 0... .... mediaWaitForConnect: False > > 1... .... canOverlapSend: True > > 0... .... h245Tunneling: False > > tunnelledSignallingMessage > > tunnelledProtocolID > > id: tunnelledProtocolObjectID (0) > > tunnelledProtocolObjectID: 1.3.12.9 > (SNMPv2-SMI::org.12.9) > > messageContent: 1 item > > Item 0 > > Item: 46 octets > > Q.931 > > Protocol discriminator: Q.931 > > Call reference value length: 2 > > Call reference flag: Message sent from > originating side > > Call reference value: 0053 > > Message type: SETUP (0x05) > > Bearer capability > > Information element: Bearer capability > > Length: 3 > > 1... .... = Extension indicator: last octet > > .00. .... = Coding standard: ITU-T > standardized coding (0x00) > > ...0 0000 = Information transfer capability: > Speech (0x00) > > 1... .... = Extension indicator: last octet > > .00. .... = Transfer mode: Circuit mode > (0x00) > > ...1 0000 = Information transfer rate: 64 > kbit/s (0x10) > > 1... .... = Extension indicator: last octet > > ...0 0011 = User information layer 1 > protocol: Recommendation G.711 A-law (0x03) > > Channel identification > > Information element: Channel identification > > Length: 3 > > 1... .... = Extension indicator: last octet > > .0.. .... = Interface identifier present: > False > > ..1. .... = Interface type: Primary rate > interface > > .... 1... = Indicated channel is exclusive: > Exclusive; only the indicated channel is acceptable > > .... .0.. = D-channel indicator: False > > .... ..01 = Information channel selection: > Channel indicated in following octets (0x01) > > 1... .... = Extension indicator: last octet > > .00. .... = Coding standard: ITU-T > standardized coding (0x00) > > ...0 .... = Number/map: Channel indicated by > number > > .... 0011 = Element type: B-channel units > (0x03) > > 1... .... = Extension indicator: last octet > > .000 0010 = Channel number: 2 > > Non-locking shift to codeset 5: Information > elements for national use > > Unknown information element (0x31) > > Information element: Unknown (0x31) > > Length: 1 > > Data: 80 > > Called party number: '129' > > Information element: Called party number > > Length: 4 > > .... 1001 = Numbering plan: Private > numbering (0x09) > > .100 .... = Number type: Subscriber number > (0x04) > > 1... .... = Extension indicator: last octet > > Called party number digits: 129 > > High-layer compatibility > > Information element: High-layer > compatibility > > Length: 2 > > .00. .... = Coding standard: ITU-T > standardized coding (0x00) > > High layer characteristics identification: > Telephony > > User-user > > Information element: User-user > > Length: 15 > > Protocol discriminator: User-specific > protocol > > User information: > FEB30C07498131323533357F0182 > > > > (0xFE is identifier of own protocol) > > > > 0000 00 80 37 52 f2 14 00 01 ec fb c0 9c 08 00 45 b8 ..7R..........E. > > 0010 00 c4 f0 fa 00 00 40 06 38 36 0a 18 1e 0d 0a 18 [email protected]...... > > 0020 1e 0f 04 75 06 b8 22 40 11 02 00 48 c1 02 50 18 ...u.."@...H..P. > > 0030 16 d0 c1 ad 00 00 03 00 00 9c 08 02 01 2a 05 04 .............*.. > > 0040 03 88 90 a5 70 04 c9 31 32 39 7e 00 85 05 20 d0 ....p..129~... . > > 0050 06 00 08 91 4a 00 02 00 0a 18 1e 0d 07 d2 00 00 ....J........... > > 0060 01 01 00 45 c0 00 00 00 18 3e 17 fb 70 00 08 46 ...E.....>..p..F > > 0070 7f 00 b6 36 78 00 cd 0c 00 00 07 00 0a 18 1e 0d ...6x........... > > 0080 06 b8 11 00 00 00 00 18 3e 17 fb 70 00 08 46 7f ........>..p..F. > > 0090 00 b6 36 78 01 00 01 80 10 88 01 00 35 00 03 2b ..6x........5..+ > > 00a0 0c 09 01 2e 08 02 00 53 05 04 03 80 90 a3 18 03 .......S........ > > 00b0 a9 83 82 9d 31 01 80 70 04 c9 31 32 39 7d 02 91 ....1..p..129}.. > > 00c0 81 7e 0f 00 fe b3 0c 07 49 81 31 32 35 33 35 7f .~......I.12535. > > 00d0 01 82 > > > > . > > Best Regards > > ________________________________ > Avec Windows Live Messenger restez en contact avec tous vos amis ! > Téléchargez Messenger, c'est gratuit ! > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@xxxxxxxxxxxxx > https://wireshark.org/mailman/listinfo/wireshark-dev > >
- References:
- Prev by Date: [Wireshark-dev] problem to register own protoco...
- Next by Date: [Wireshark-dev] wireshark 1.0.1?
- Previous by thread: [Wireshark-dev] problem to register own protoco...
- Next by thread: [Wireshark-dev] wireshark 1.0.1?
- Index(es):