Wireshark mailing list archives
Re: Getting data from pinfo
From: Guy Harris <guy () alum mit edu>
Date: Wed, 14 Apr 2010 18:28:36 -0700
On Apr 14, 2010, at 6:07 PM, Shawn Mayer wrote:
I'm trying to get the IPs from an aim_messaging packet to pass to my tap.
Presumably the AIM dissector is setting up the call to your tap. If so, it should put the IP addresses into a data structure and pass that to the tap as private data; that's how other taps work.
What exactly is pinfo
It's a (pointer to a) katamari:
http://en.wikipedia.org/wiki/Katamari
"The game's plot concerns a diminutive prince on a mission to rebuild the stars, constellations, and Moon, which were
accidentally destroyed by his father, the King of All Cosmos. This is achieved by rolling a magical, highly adhesive
ball called a katamari around various locations, collecting increasingly greater objects, ranging from thumbtacks to
people to mountains, until the ball has grown great enough to become a star."
The pinfo katamari has rolled around Ethereal/Wireshark for years, picking up various random bits of information to be
passed between dissectors. :-)
If all of those were passed to dissectors as separate arguments, then
1) the argument list to a dissector would change every time something else became part of the katamari
and
2) a call to a dissector would probably take half a page of code just to pass the arguments.
and what does it contain?
Everything that somebody's decided would be useful to put into it. (Yes, that's a serious description. There's nothing very systematic about it.)
Should I avoid using it?
You should avoid just adding things if only your dissector and any taps for it would use them; it's for passing stuff between dissectors. (And, yes, it probably should be cleaned up, with some more cleanly extensible mechanism for information-passing between dissectors.) ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Getting data from pinfo Shawn Mayer (Apr 14)
- Re: Getting data from pinfo Guy Harris (Apr 14)
- Re: Getting data from pinfo Shawn Mayer (Apr 14)
- Re: Getting data from pinfo Guy Harris (Apr 14)
- Re: Getting data from pinfo Shawn Mayer (Apr 14)
- Re: Getting data from pinfo Guy Harris (Apr 14)
- Re: Getting data from pinfo Shawn Mayer (Apr 14)
- Re: Getting data from pinfo Guy Harris (Apr 14)