Yang Ning wrote:
hi
I'm trying to add a field for UDP data payload. So that I can use the strings to search for some information.
(Like for example, I can do udp.length==12345,
I want to add a payload field so that I can do something like "udp.payload contain something")
where abouts does the code for udp dissection situated?
Even simpler:
How about something like this for a filter ??
(I think this will work)
udp && (data contains ...)
(I'm not sure but you might have to disable any protocols which ride on
UDP if you always want to search the complete UDP payload).
-----
If you really want to get into the code, see the Developers Guide
http://www.wireshark.org/docs/wsdg_html_chunked/
as to how to download the source & build Wireshark.
The UDP dissector code is in epan/dissectors/packet-udp.c in the
downloaded source.