Re: Need advice on modifying tvb

[Jaap Keuter <jaap.keuter () xs4all nl>]

Beth wrote:
> Change the builtin dissector?  You sure that's not cheating?  ;)
>
> Seriously though, that might be an option to consider - is there a way I 
> could turn on that setting automatically from my plugin?  I would prefer 
> this to be a drop-in solution if possible, i.e. the end user simply 
> drops the plugin into their Wireshark folder and that's all they have to do.

Well, we're talking about a protocol violation here. I was under the assumption 
that the checksum would be part of your outer protocol, not the build-in inner 
protocol. That's why the suggestion for tvb_new_subset(). What you're trying to 
do is fake the out checksum being the innner checksum. What about checksum 
errors? Which protocol is to blame then?
Anyways, Wireshark is designed around proper protocol layering, so this would 
require indeed something like Didier suggested.
Or you could provide a patch for the build-in dissector to be able to dissect 
the extra bytes off-the-shelf.

Thanks,
Jaap

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe