Wireshark mailing list archives

Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector

From: cq x <xiachangqin66 () hotmail com>
Date: Wed, 22 Jun 2011 12:00:18 +0800


thank you, Chris,

I will take a look at it

Thanks

To: wireshark-dev () wireshark org
From: Christopher.Maynard () gtech com
Date: Wed, 22 Jun 2011 00:48:13 +0000
Subject: Re: [Wireshark-dev]  ask about dissector_add ( ) function to instruct wireshark to pass packet to my 
dissector

Changqin Xia <xiachangqin66@...> writes:

Hi, allI am a newbie on dissector development. I have a question about the

"dissector_add( )" function.I went through a few examples, most of them are
using "tcp.port" or "udp.port" or something like that.My dissector not uses any
port number to instruct wireshark to pass packets to my dissector, my dissector
is using "Magic" (the first byte).  Any one can tell me if I use the magic
number to realize dissector_add( ) function, what should I do?  any example? any
other dissector in the same way? or Any part on the "README.developer" talking
about this?ThanksJohn

The new name of the function is dissector_add_uint() and there are plenty of
examples where it's used to register a value in dissector tables other than
tcp.port or udp.port.  One of MANY such examples can be found in packet-ip.c:

dissector_add_uint("ethertype", ETHERTYPE_IP, ip_handle);

If you're using Wireshark 1.6, you can view all the tables through "Internals ->
Dissector tables".  The string tables and integer tables are segregated.



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector Changqin Xia (Jun 21)
- Re: [Wireshark-dev] ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector Chris Maynard (Jun 21)
  - Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector cq x (Jun 21)
- Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector Guy Harris (Jun 21)
  - Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector cq x (Jun 21)
    - Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector Jaap Keuter (Jun 21)
    - Re: ask about dissector_add ( ) function to instruct wireshark to pass packet to my dissector cq x (Jun 22)