Hi,
You could start by reading part II of the developer guide
http://www.wireshark.org/docs/wsdg_html_chunked/PartDevelopment.html
even though that is not complete. It does however touch on the questions you ask.
Thanx,
Jaap
Yuming fang wrote:
Hi, all,
I am adding a new protocol to wireshark. When I add the new protocol,
there are some basic questions I could not understand as follows.
(1) When capturing data from netcard, how does the wireshark choose the
protocol dissector to process the data? For example, if wireshark
receive the tcp data, how could it know these data is tcp data and thus
choose tcp protocol dissector to process these data? Could anyone give
me some explaination on the data flow from the netcard to the display in
wireshark?
(2) I want to use wireshark to process the LTE data(Actually mainly
display the LTE data format in wireshark). Now we have written some
code. However, we have not the LTE netcard. So I want to send the LTE
data through TCP socket(Port is 9999) and thus wireshark could receive
the LTE data through the TCP(Port:9999). Now I could get these LTE data,
but how could I let the wireshark display the LET data format like a
tree? How could I add the LTE code into the TCP(Port:9999) to process
the LET data?
I will appreciate it greatly if someone could give me some advice on
these questions.
Best wishes,
Yuming