Wireshark-dev: [Wireshark-dev] Question about dissector - how can I split the bit stream into s
Dear all,
![]()
![]()
![]()
currently,I was trying to develop a plugin to parse a bit stream in wireshark.now the problem was how to split the bit stream into separate Frames with corresponding message?
the caputred now below.
what I wanted was below:
Frame 1 Message_A
Hill-Stream Message_A
Hill-Stream Protocol
HillStream PDU Type: 10
HillStream PDU Flag: 0x04
HillStream PDU Sequence NO: 4386
HillStream PDU Initial IP: 192.168.0.102
Frame 2 Message_B
Hill-Stream Message_B
Hill-Stream Protocol
HillStream PDU Type: 10
HillStream PDU Flag: 0x04
HillStream Additional Field: 287490216
HillStream Another Field: 102
After reading documenets from wireshark org,.
1.create tvb with correct offset and len
2.create pinfo from imcoming packet_info and update the num with unique number also set can_desemenent=0
3.create substree with correct tvb,offset and len。
4.call message A and message B dissector.
I am not sure what was missing that cause can't split the bit stream into separate Frames with corresponding message(A&B)
can any collages help me ? thanks a lot!
here is the part of code.
- Prev by Date: [Wireshark-dev] How to get the PDU length of a 'mutating' protocol?
- Next by Date: [Wireshark-dev] Breaking field name or duplicating value
- Previous by thread: [Wireshark-dev] How to get the PDU length of a 'mutating' protocol?
- Next by thread: [Wireshark-dev] Breaking field name or duplicating value
- Index(es):