Wireshark-dev: Re: [Wireshark-dev] How does the wireshark identify the corresponding protocol a

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Mon, 22 Dec 2008 10:44:45 +0100
Hi,

You could start by reading part II of the developer guide http://www.wireshark.org/docs/wsdg_html_chunked/PartDevelopment.html
even though that is not complete. It does however touch on the questions you ask.

Thanx,
Jaap

Yuming fang wrote:
Hi, all,
I am adding a new protocol to wireshark. When I add the new protocol, there are some basic questions I could not understand as follows. (1) When capturing data from netcard, how does the wireshark choose the protocol dissector to process the data? For example, if wireshark receive the tcp data, how could it know these data is tcp data and thus choose tcp protocol dissector to process these data? Could anyone give me some explaination on the data flow from the netcard to the display in wireshark? (2) I want to use wireshark to process the LTE data(Actually mainly display the LTE data format in wireshark). Now we have written some code. However, we have not the LTE netcard. So I want to send the LTE data through TCP socket(Port is 9999) and thus wireshark could receive the LTE data through the TCP(Port:9999). Now I could get these LTE data, but how could I let the wireshark display the LET data format like a tree? How could I add the LTE code into the TCP(Port:9999) to process the LET data? I will appreciate it greatly if someone could give me some advice on these questions. Best wishes,
Yuming