Hi,
See my comments inline ----->
Mark Ryden wrote:
Hello,
I am trying to add a dissector to Wireshark in Linux. I work with
wireshark 1.2.3.
I do not have previous experience and my trial is based upon the
wiki and from reading wireshark source code
What I tried is a very basic code, (something which can be thought of as
HelloWorldDissector) , when my goal is to add a dissector which in
fact does almost nothing, so that first I will be only able to see it
in preferences of wireshark, in the list of protocols, as "SEQ".
Here is the short code I created (in a file called packet-seq.c):
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <gmodule.h> ---------> replace by glib.h
#include <epan/prefs.h>
#include <epan/packet.h>
void proto_reg_handoff_seq(void)
{
}
---> make this static
void dissect_seq(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
    col_set_str(pinfo->cinfo, COL_PROTOCOL, "FOO");
    col_clear(pinfo->cinfo, COL_INFO);
}
static int proto_seq = -1;
static dissector_handle_t seq_handle;
void proto_register_seq(void)
{
    module_t *module;
    if (proto_seq == -1) ---------> no need to check this, proto_register_*() is called once
    {
        proto_seq = proto_register_protocol("SEQ protocol", "SEQ", "seq");
    };
    module = prefs_register_protocol(proto_seq, proto_reg_handoff_seq); ----> 2nd param can be NULL here
}
Now, I added this line in register.c: -----------> Don't, it's done by the build process
{extern void proto_register_seq (void); if(cb) (*cb)(RA_REGISTER,
"proto_register_seq", client_data); proto_register_seq ();}
And I added entries in the Makefile according to other dissectors. ----> Don't, work in Makefile.common
I build it, and a binary called libdissectors_la-packet-seq.o
is created under:
/work/src/wireshark-1.2.3/epan/dissectors/.libs
However, when I start wireshark I do not see it in the
Edit->preferences , in the protocol list.
Any idea what am I missing here? ----> Add an actual preference to manipulate: one of prefs_register_*_preference()
Regards, -------> Study the doc/README.developer some more and follow the instructions there. Don't take shortcuts.
Mark
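
The reply's point that register.c is produced by the build, as an added example (not part of the original thread and not Wireshark's own generator script): a simplified scan of dissector sources for registration routines that emits the same line Mark added by hand. The regular expression, the function names and the sample source are assumptions constructed for illustration, and the handoff line is assumed to follow the same shape with RA_HANDOFF.

```python
import re

# Assumed pattern: a non-static, top-level definition such as
# "void proto_register_seq(void)". A trailing ';' (a prototype) or a
# leading "static" keeps the line from matching.
REG_RE = re.compile(
    r"^void\s+(proto_reg(?:ister|_handoff)_[A-Za-z0-9_]+)\s*\(\s*void\s*\)\s*$",
    re.MULTILINE,
)

def find_registration_routines(sources):
    """Return (register, handoff) routine names found in {filename: C source}."""
    register, handoff = [], []
    for name in sorted(sources):
        for symbol in REG_RE.findall(sources[name]):
            target = handoff if symbol.startswith("proto_reg_handoff_") else register
            target.append(symbol)
    return register, handoff

def register_line(symbol, action):
    """Format one generated call in the shape of the line quoted in the message."""
    return ('{extern void %s (void); if(cb) (*cb)(%s, "%s", client_data); %s ();}'
            % (symbol, action, symbol, symbol))

def generate(sources):
    """Emit all register calls first, then all handoff calls."""
    register, handoff = find_registration_routines(sources)
    lines = [register_line(s, "RA_REGISTER") for s in register]
    lines += [register_line(s, "RA_HANDOFF") for s in handoff]
    return lines

# Constructed sample input: a skeleton with the same routine names as packet-seq.c.
SAMPLE = {
    "packet-seq.c": """\
static int proto_seq = -1;
void proto_reg_handoff_seq(void);
void proto_reg_handoff_seq(void)
{
}
static void dissect_seq(void)
{
}
void proto_register_seq(void)
{
}
""",
}

if __name__ == "__main__":
    print("\n".join(generate(SAMPLE)))
```

Because a scan of this kind runs over the files listed in Makefile.common, a hand-added entry in register.c is redundant and is lost the next time the file is regenerated.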