|
Never
having created a dissector, this is how I would go about it (in my own hacker
way!)
1.
Grab the source tree. 0.9.7 is the current release
2.
There is some documentation in there on how ethereal is put together. Failing
that....
3.
Pick a currently dissected protocol, say IGMP, and do a grep/find/ etc to find
the relevant dissector code. (Hint usually they are named packet-xxx.c, in this
case packet-igmp.c)
4.
Copy this dissector to yours - packet-peveeprotocol.c
.
5. Try
to hack the dissector it to make it look like it will decode your registration
packet.
6.
Hack makefile.am to add your dissector.
7. Run "make" to hopefully
compile your dissector, create the hooks into "register.c" etc, and link your
dissector into ethereal.
8. With a long stick type "ethereal" and watch
it all blow up. Then go to step 5 :-)
9. If
it runs try it on your packet. Likely you will need to go back to step 5 again
:-)
There
are probably a few bits missing here, but hopefully this will give an idea of
where to start (at least until someone who has done this
replies!)
(I
always find "grep -r" and using "tags" with vi, are my best friend when it
comes to hacking someone elses code!!!)
Martin
Visser � |
Title: Message
- RE: [Ethereal-dev] Creating a new Dissector Richard Urwin
- Re: [Ethereal-dev] Creating a new Dissector pevee
- RE: [Ethereal-dev] Creating a new Dissector Visser, Martin (Sydney)
- RE: [Ethereal-dev] Creating a new Dissector Richard Urwin
