Wireshark mailing list archives
Fwd: Re: Fwd: Re: [Wireshark-bugs] [Bug 3422] New dissector for Genisys protocol
From: Simon Dreyer <simon2 () iinet net au>
Date: Thu, 01 Apr 2010 13:54:52 +0800
Hi Bill Thanks so much for your help. I have managed to get the patch installed and wireshark compiled and running Yehhaaa:) I'll get to do some live testing next week Many Thanks Simon Dreyer Dreyer Automation 0417 952 563 ----- Original Message ----- From: Bill Meier <wmeier () newsguy com> To: Developer support list for Wireshark <wireshark-dev () wireshark org> Sent: Wed Mar 31 13:18 Subject: Fwd: Re: [Wireshark-dev] Fwd: Re: [Wireshark-bugs] [Bug 3422] New dissector for Genisys protocol Simon Dreyer wrote:
http://www.codeproject.com/KB/IP/custom_dissector.aspx
Note: In "Configure Wireshark Build Environment (Win32)" in the above certain things are a bit out-of-date. EG: the specific compiler referenced ("Visual C++ 2005 Express Edition") is not the latest (and is not the one currently used by Wireshark: VC++ 2008 EE (aka VC9)). If you haven't already done so, make sure you're using the compiler & etc versions as given in the Developer's Guide. Also: It's not necessary to download and install a Platform SDK with VC9. I believe that following the Developer's Guide instructions exactly as to setting up a Windows Wireshark build environment should work w/o problems.
There are obviously two approaches to this: 1) incorporate the protocol as an integral part wireshark as I think you are describing or 2) run it as a .dll plugin as I was trying to do (as per the tutorial).
I presume that this genisys protocol has not been implemented into the general release of wireshark (it does not appear in the list of protocols) I only hope
that
this is because it is a rather obscure protocol and not because it doesn't work.
It appears from acomment in the bug that a concern was expressed about the way the dissector is coded. https://bugs.wireshark.org/bugzilla/show_bug.cgi\?id=3422#c5.
Getting back to the "Patch" thing, I have read all the stuff in the developers manual and hope I understand it, is this what I have to do? 1) Click on the "New patch for genisys dissector" link at https://bugs.wireshark.org/bugzilla/show_bug.cgi\?id=3422 2) Copy the code and paste it into a text file 3) save it as "add_genisys_dissector.diff" (or something similar) 4) copy the file into the c:\wireshark directory 5) open a command window and go to the c:\wireshark directory 6) type "patch -p0 7) re-compile wireshark
Yes: The above is correct. Two comments: 1. As noted, the patch is a year old. Looking quickly at the code in the patch I see that there are two edits you'll need to make to epan\dissectors\packet-genisys.c (after the patch is applied) and before recompiling. { "Payload", "genisys.payload", FT_BYTES, BASE_HEX, NULL, ==> { "Payload", "genisys.payload", FT_BYTES, BASE_NONE, NULL, { "Junk", "genisys.junk", FT_BYTES, BASE_HEX, NULL, ==> { "Junk", "genisys.junk", FT_BYTES, BASE_NONE, NULL, 2. When re-compiling do 'nmake –f Makefile.nmake all' The patch changes epan\crc16.h which is used in a number of source files so a complete re-compile should be done. (Normally a complete rebuild is not needed if only one or more .c files are changed). ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Fwd: Re: Fwd: Re: [Wireshark-bugs] [Bug 3422] New dissector for Genisys protocol Simon Dreyer (Apr 01)