Wireshark mailing list archives

Re: Save extracted data from reassembled packets

From: Peter Smith <psmith135 () gmail com>
Date: Tue, 23 Feb 2010 12:16:32 +0200

Stig,

Thank you very much for such quick fix. I was suprised it took only one line
of C code. Indeed knowledge is power :) Now when I use the previously
mentioned Lua code with print(wsp_pdu.value), it gives me the hex bytes of
the extracted field for the complete protocol payload which is exactly what
I was looking for.

There is another problem with all 1.3.3 and 1.3.4 versions though when I use
them for mmse protocol but that's a different story for a different thread
:))

Just for the record here is the error in wireshark packet summary column for
mmse protocol:
MMSE MMS m-retrieve-conf[Dissector bug, protocol MMSE: proto.c:2269: failed
assertion "fi && "proto_tree_set_visible(tree, TRUE) should have been called
previously""]


2010/2/22 Stig Bjørlykke <stig.bjorlykke () gmail com>

On 21. feb. 2010, at 20.00, Peter Smith wrote:

I have the following code to get the reassembled WSP payload out of

packet in wireshark


===================================
wsp_extractor = Field.new("wsp")


Wireshark does not currently support handling FT_PROTOCOL as a field
extractor.  I suppose in this situation the FT_PROTOCOL should be handled as
a byte array, and maybe this is the best handling.  I have just committed
revision 31951 with a fix for this, please try a automated build[1] in an
hour or so.

[1] http://www.wireshark.org/download/automated/


--
Stig Bjørlykke


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Save extracted data from reassembled packets Peter Smith (Feb 21)
- Re: Save extracted data from reassembled packets varname (Feb 22)
  - Re: Save extracted data from reassembled packets Peter Smith (Feb 22)
    - Re: Save extracted data from reassembled packets Peter Smith (Feb 22)
    - Re: Save extracted data from reassembled packets Beth (Feb 22)
    - Re: Save extracted data from reassembled packets Peter Smith (Feb 22)
- Re: Save extracted data from reassembled packets Stig Bjørlykke (Feb 22)
  - Re: Save extracted data from reassembled packets Peter Smith (Feb 23)