[Evan Huus <eapache@xxxxxxxxx>]

On Wed, Jul 24, 2013 at 3:49 AM, Fabiano Ricci <fabiano.ricci@xxxxxxxxxxx> wrote:

I made a mistake in my last message.

The third argument of the enum is obviously an int value (the same of the global_bit_order). You should use a define.

So the enum is:

#define LITTLE 0
#define BIG 1

Just a note that Wireshark already provides #defines for these. If you go this route please use "ENC_LITTLE_ENDIAN" and "ENC_BIG_ENDIAN" instead of adding your own.

 

const enum_val_t enum_gtp_market_data_feed[] =
{
    { "Little Endian", "Decode as Little Endian", LITTLE },
    { "Big Endian", "Decode as Big Endian", BIG},
    { NULL, NULL, 0 }
};

Regards
Fabiano

Fabiano Ricci

___________________________________________
	Please consider the environment before printing this e-mail

Il 24/07/2013 9.44, Fabiano Ricci ha scritto:

Hi,

You can let the user configure the filter by preferences.

You can find many infos here: http://wiki.wireshark.org/Preferences and in the README.dissector file.

EX:
//creates and initialize a global var
static gint global_bit_order = 0;

//creates an enumeration with your options
const enum_val_t enum_gtp_market_data_feed[] =
{
    { "Little Endian", "Decode as Little Endian", "Decode as Little Endian" },
    { "Big Endian", "Decode as Big Endian", "Decode as Big Endian" },
    { NULL, NULL, 0 }
};


//in the proto_register function

//register the preference module
module = prefs_register_protocol(proto, proto_reg_handoff);

//Register enum
prefs_register_enum_preference(module, "bit.order",
                                "Decode as...",
                                "Set the bit order",
                                &global_itch_market,
                                enum_itch_market_data_feed,
                                TRUE);


This will create an ITEM with your protocol name in the wireshark preference window. So the user can easily configure the bit order by change preferences in Edit->Preference->Protocols->YOUPROTO window.

In your code you can check the var global_bit_order to understand if the user is filtering by BIG_END or LITTLE_END.

Hope this help and is what you need.

Regards,
Fabiano

Fabiano Ricci

Il 24/07/2013 9.21, Hardik Patel ha scritto:

Hello all,

I have create a plugin to dissect protocol in TCP payload which is in big endian format.

But some time due to different architecture of server and client I get data in little endian format.

I can write code for that as well, but I like that user can provide comment like if my capture file is little endian or big endian by any means.

So based on user input I can easily select in which format dissector decode the protocol.

Please help how to provide arugument or comment to customized dissector by user?

Regards,
Hardik Patel

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe