Wireshark mailing list archives
Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP)
From: hammad kabir <hammadsatti () gmail com>
Date: Sat, 25 Aug 2012 17:06:31 +0300
Hi again, Any one having any other idea here. To put it short, I have written a plugin dissector for a custom protocol which works fine in wireshark, but as a next step I want rest of packet data to be decoded by a higher layer protocol dissector of wireshark (e.g. TCP or UDP, depending on a field value of custom protocol). Can you please guide me, as to what steps should I take in to account to get this task done. Additional Info: Platform being used in Ubuntu Programming Language is C or C++ I am counting alot on anyone's help. So please help me here. Thanks and Regards, Hammad Kabir On Sun, Aug 12, 2012 at 2:57 PM, Martin Kaiser <lists () kaiser cx> wrote:
Hi Hammad, Thus wrote hammad kabir (hammadsatti () gmail com):I have recently implemented a wireshark dissector of a relatively simple protocol (lets call the protocol as COOL) for a project of mine. This dissector gets the data from IP layer and then parses it according to protocol definition of COOL protocol. (so far its good). But, next step involves passing the data from COOL protocol ( which is a plugin dissector in my case) to TCP protocol for further dissection of packet. However, I am having a difficult time in getting this (later) task done.a while ago, I added dissection of DVB-CI messages that contain a tcp or udp part. Have a look at epan/dissectors/packet-dvbci.c. When the connection is opened, I call store_lsc_msg_dissector() and try to find the matching dissector for the selected tcp (or udp) port. Later in dissect_dvbci_payload_lsc(), case T_COMMS_SEND_LAST..., I call the tcp dissector using call_dissector() and pass the message tvb as a parameter. Is this similar to your task? Regards, Martin ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) hammad kabir (Aug 11)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) Martin Kaiser (Aug 12)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) hammad kabir (Aug 22)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) hammad kabir (Aug 25)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) Mike Morrin (Aug 25)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) hammad kabir (Aug 27)
- Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP) Martin Kaiser (Aug 12)