Wireshark-dev: Re: [Wireshark-dev] New GUI for specific protocol

From: Juan Jose Martin Carrascosa <juanjo@xxxxxxx>
Date: Thu, 26 Jan 2017 20:10:43 +0100
Hi again,

Can somebody point to me any simple example? I am able to tap the dissector but I would like to write now a simple app that prints a message in the terminal every time the packet() function is called. I know this looks simple, but it's been some time and I can't get this running...

Thanks,
Juanjo Martin

On Tue, Jan 24, 2017 at 9:10 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
On Jan 24, 2017, at 9:51 AM, Juan Jose Martin Carrascosa <juanjo@xxxxxxx> wrote:

> I would like to write a new GUI to show nicely the information obtained from the RTPS dissector. Can Wireshark help with that?

There is no provision in Wireshark for showing the raw dissection result (the protocol tree) differently.  This is intentional - dissectors are supposed to exist, and work, independently of any particular UI code (that's why TShark works).

If you want to show information in some *other* form, you should write a tap with a GUI.  See doc/README.tapping for information on writing a tap.  The tap's per-packet function is passed an epan_dissect_t pointer (which includes a pointer to the *entire* protocol tree, not just the subtree for the protocol being tapped) and a const void * that points to whatever data the dissector passes to the tap.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe



--

Juanjo Martin
Senior Application Engineer
Professional Services Group
Office: +34 958 27 88 62
Mobile: +34 656 30 20 56