On Mon, Jun 23, 2008 at 06:12:59PM +1000, Barnes, Pat wrote:
> The current modbus dissector is not suitable - it does not show the
> data anywhere but in the raw output. I need to provide for example,
> the name of the function in the packet summary, and the value of each
> parameter by name in the detailed view.
>
> My question is should I create the dissector as one that replaces
> mbtcp (the modbus dissector), or as one that sits underneath mbtcp and
> re-processes (and relabels) those modbus packets that it recognises?
Can you extend the current modbus dissector to interpret the data you
need to see?
> Of course, I'm not really sure how to accomplish this second task, or
> even really the first one. (I've read through
> http://www.codeproject.com/KB/IP/custom_dissector.aspx and
> http://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html, and
> have started 'tinkering' thus far)
Make sure to read doc/README.developer too. Check out the latest source
code from the SVN repository and set up your development environment.
Are you going to be programming on Windows or Unix?
http://www.wireshark.org/docs/wsdg_html_chunked/ChapterSetup.html should
help you get going with the dev environment (if you don't already have
one set up), but is mainly focused on Windows.
Steve