Hi Chris,
Thanks a bunch for the response.
I have decided to disable certain protocols using a ~/.wireshark/disabled_protos file (which I confirmed is being read), however despite "smb" and other smb related protocols being in the disabled list, dissect_smb() is still called:
#10 0x00d3386f in dissect_smb (tvb=0x87f03a0, pinfo=0xbfffe95c, parent_tree=0x87d8810) at packet-smb.c:17016
does adding something to the disabled list just prevent it from being printed, but not from being dissected??
On Tue, Apr 26, 2011 at 2:57 PM, Chris Maynard
<chris.maynard@xxxxxxxxx> wrote:
George Nychis <gnychis@...> writes:
> Another alternative, is to remove packet-smb* from the build.
In most cases, to remove unwanted protocol dissectors from the build, delete the
relevant packet-*.c files from epan/dissectors/Makefile.common's DISSECTOR_SRC.
Alternatively, you could just disable those protocols via "Analyze -> Enabled
Protocols", then uncheck all those that you don't want/need. This method does
not require recompiling Wireshark, but it doesn't prevent someone from
re-enabling them again, so if you want to avoid that, then you'll have to
recompile it.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe