Wireshark · Wireshark-users: Re: [Wireshark-users] Need to associate a plugin with an encapsulation type code

Wireshark-users: Re: [Wireshark-users] Need to associate a plugin with an encapsulation type code

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>

Date: Thu, 10 Apr 2008 14:28:05 -0400



Gil Berglass wrote:

I have software-generated "capture" files containing data packets for anexperimental protocol. Each packet has a libpcap header with 155 (one ofthe "Reserved for Private Use" codes) in the network field. I havebuilt a dissector for this protocol that I would like to check out, butI don't know how to get Wireshark to invoke my dissector when it seesthis network code in the file (there's no "live" data). Is theresomething I need to put into my dissector source? Is there something Ineed to put into one of the plugin makefiles? My system is Red Hat Linux.


Edit->Preferences->Protocols->DLT_USER

Click Edit (the Encapsulation Tables)
Click New
Choose DLT 155
Put your dissector's (short) name in "payload_proto"

References:
- [Wireshark-users] Need to associate a plugin with an encapsulation type code
  - From: Gil Berglass

Prev by Date: Re: [Wireshark-users] Capture Analysis Help !
Next by Date: Re: [Wireshark-users] Capture Analysis Help !
Previous by thread: [Wireshark-users] Need to associate a plugin with an encapsulation type code
Next by thread: [Wireshark-users] CDF(Life Time)
Index(es):
- Date
- Thread