["Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>]

OK, I had assumed register_dfilter_stat was defined in one of the .c files in epan/ that’s already part of libwireshark.dll, but it’s not; it’s in gtk/tap_dfilter_dlg.c.  My apologies.  I’m not sure how to solve your problem.

 

- Chris

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Floris van Nee
Sent: Monday, July 26, 2010 9:03 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Stats/tap plugin problem

 

Thanks for the suggestion. This leads to a similar error when trying to compile Wireshark though:

 

libwireshark.def : error LNK2001: unresolved external symbol register_dfilter_st

at

libwireshark.lib : fatal error LNK1120: 1 unresolved externals

NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 9.0\

VC\BIN\link.EXE"' : return code '0x460'

Stop.

NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 9.0\

VC\BIN\nmake.exe"' : return code '0x2'

 

I'm not sure what this means. Maybe the file also needs to be included somewhere else?

 

-Floris

 

On Mon, Jul 26, 2010 at 5:35 PM, Maynard, Chris <Christopher.Maynard@xxxxxxxxx> wrote:

Did you try adding register_dfilter_stat to epan/libwireshark.def?

- Chris

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Floris van Nee
Sent: Monday, July 26, 2010 5:23 PM
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Stats/tap plugin problem

 

To partially answer my own question: it seems that by bypassing stats_tree you can manually register to listen to a tap. Here it is possible to specify that you want the complete tree to be build (the flags parameter of function register_tap_listener).

 

Here arises another problem though, because by not using the stats_tree functions, I don't have the nice GUI interface by default and can't use the tick and count functions etc. By looking at the source, h225_ras_srt.c, for example, I noticed that it is possible to manually build this GUI. However, so far I haven't been able to get something like that to compile as a plugin (Windows machine).

 

First it complained that it couldn't find some GTK includes. This could be fixed by changing the makefile to this (add GTK_CFLAGS):

 

CFLAGS=/WX /DHAVE_CONFIG_H /I../.. $(GTK_CFLAGS) \

   $(GLIB_CFLAGS) \

            /I$(PCAP_DIR)\include -D_U_="" $(LOCAL_CFLAGS)

 

But after this a linking error occurred which I haven't been able to fix (see below). It can't find the call to register_dfilter_stat. I tried linking with libui.lib (which is the lib in the gtk folder), though this only made things worse and gave tons of linking errors.

 

Does anyone here have any ideas how to include GUIs in a plugin?

 

Thanks,

Floris

 

        link -dll /out:test.dll /NOLOGO /INCREMENTAL:no /DEBUG /MACHINE:x86 /MAN

IFEST:no test.obj        p_test.obj  q1.obj ..\..\epan\libwireshark.lib  C:\w

ireshark-win32-libs-1.2\gtk2\lib\glib-2.0.lib  C:\wireshark-win32-libs-1.2\gtk2\

lib\gmodule-2.0.lib  C:\wireshark-win32-libs-1.2\gtk2\lib\gobject-2.0.lib test.r

es

   Creating library test.lib and object test.exp

p_test.obj : error LNK2019: unresolved external symbol _register_dfilter_stat re

ferenced in function _register_tap_listener_gtk_test

test.dll : fatal error LNK1120: 1 unresolved externals

NMAKE : fatal error U1077: '"C:\Program Files (x86)\Microsoft Visual Studio 9.0\

VC\BIN\link.EXE"' : return code '0x460'

 

 

 

On Mon, Jul 26, 2010 at 10:32 AM, Floris van Nee <floris.vannee@xxxxxxxxx> wrote:

Hi,

 

I am trying to make a plugin for Wireshark which makes some statistics about captured packets. The basic things work: it can count packets, use the tap to send information collected while dissecting to the stats plugin and do some other stuff using the stats_tree functions.

 

Now I have the following situation:

- My own dissector for my protocol

- My stats plugin for my protocol

- Another protocol (802.11) which my protocol encapsulates - I haven't written the dissector for this one - it is already included in Wireshark.

 

When I try to do some more advanced stuff I run into a couple of problems. The main problem is that I'd like to be able to access the tree (or at least some information, like sequence number of packet, data of ACK etc.) of the protocol which I have encapsulated (802.11). I can't save the 'tree' variable in my dissector to the tap information or to the private_data field, because it seems that when the stats plugin is called, the dissector is also called with tree=NULL, so it skips the whole tree creating part.

 

I guess I either need to get Wireshark to also create the tree when it calls my stats plugin, or find some other way to get the information about the protocol mine encapsulates. Unfortunately I have no clue how to do that. Does anyone here has the knowledge how something like this can be achieved?

 

Thanks,

Floris

 

CONFIDENTIALITY NOTICE: The contents of this email are confidential

and for the exclusive use of the intended recipient. If you receive this

email in error, please delete it from your system immediately and 

notify us either by email, telephone or fax. You should not copy,

forward, or otherwise disclose the content of the email.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

 

CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and 
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.