Wireshark-users: [Wireshark-users] Writing a tap plugin for AIM Messaging

From: Shawn Mayer <mayer_sr@xxxxxxxx>
Date: Mon, 08 Mar 2010 21:58:53 -0500
I am currently writing a tap interface for the incoming and outgoing messages portion of the AIM Messaging dissector. I have followed the instructions in the README.tapping file (hopefully correctly). Since the goal of this plugin is to link individual messages to conversations and then display them I should have tap_queue_packet(aim_messaging_tap, pinfo, msg_tree); before the return line of the dissect_aim_msg_incoming/outgoing methods correct? I also have to figure out a way to send the source and destination IP's (to group messages into conversations).

I am a bit confused as to how the tap listener works. Do I have to use the reset callback? As I see it the packet callback should update the data (say arrays of conversations) and draw should display the data in a window as it gets updated. Also where does the listener file get placed? Do I have to rebuild the code? Any help or links to further documentation/examples would be greatly appreciated. If I'm missing something please let me know don't be afraid to e-mail me directly.

Thanks.

NTMail K12 - the Mail Server for Education