Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Paul Offord 
I didn’t realise that the support effort is greater.  I was thinking, coding 
all dissectors, including new and existing block types, as plugins seems like a 
good strategic direction.  Surely beefing up the plugin framework would make 
Wireshark more extensible.

Anyway,  I’ll re-code as built-in as suggested.

From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of 
Roland Knall
Sent: 01 March 2018 10:27
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>
Subject: Re: [Wireshark-dev] Dissector - plugin or built-in



On Thu, Mar 1, 2018 at 11:22 AM, Graham Bloice 
<graham.blo...@trihedral.com<mailto:graham.blo...@trihedral.com>> wrote:


On 1 March 2018 at 10:18, Roland Knall 
<rkn...@gmail.com<mailto:rkn...@gmail.com>> wrote:
We do not have any other dissector within the code, which dissects blocktypes. 
Therefore I would not be so sure, that it will get rejected (in my book it 
definitely should not).

But it most likely will get rejected as a plugin.

Main reasons for built-in:

- Easier to maintain
- Best-practice approach
- Would name it something like blocktype_trb.c or similar to distinguish from 
protocol-only dissectors

Should we have a separate spot in the source tree for block type dissectors?  
I'm not sure if we will ever have lots, but should we keep epan/dissectors for 
"protocol" dissectors.


Yeah, I was thinking along the same lines. like epan/blocktypes in comparison 
to epan/dissectors

But we already have file-xxx dissectors in there. It would also make sense to 
have a epan/dissectors/packet, epan/dissectors/file, epan/dissectors/blocktype 
structure.

What do you think?

cheers
Roland


__

This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and delete 
this e-mail from your system.

Any views or opinions expressed are solely those of the author and do not 
necessarily represent those of Advance Seven Ltd. E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be intercepted, 
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The 
sender therefore does not accept liability for any errors or omissions in the 
contents of this message, which arise as a result of e-mail transmission.

Advance Seven Ltd. Registered in England & Wales numbered 2373877 at Endeavour 
House, Coopers End Lane, Stansted, Essex CM24 1SJ

__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
__
___
Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Paul Offord 
OK – I’ll take a look.

Best regards…Paul

From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of 
Pascal Quantin
Sent: 01 March 2018 10:24
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>
Subject: Re: [Wireshark-dev] Dissector - plugin or built-in

Hi Paul,

Le 1 mars 2018 10:47, "Paul Offord" 
<paul.off...@advance7.com<mailto:paul.off...@advance7.com>> a écrit :
Hi Pascal,

Thanks for your note regarding my change 26203 - 
https://code.wireshark.org/review/#/c/26203/ .  You suggested that I submit it 
as a built-in dissector, not a plugin.  I’m not keen for two reasons:


  *   If it is rejected (and I have a feeling it will be), I’ll then have to 
rewrite it to offer as an optional plugin
  *   I think adding it as a built-in dissector means changes to core Wireshark 
code

Why do you think it should be a built-in dissector?
Because :
- we do not want to end with tons of plugins to support, that are heavier than 
built-in ones (startup time, more files to install,...)
- our policy is to add new dissectors as built-in, not plugins (we are even 
converting some old plugins to built-in)

Plugins are usually used for people not willing to submit code to Wireshark 
upstream. This is not your case, so you should really convert it to built-in 
(which is a 5 mn work or even less).

Best regards,
Pascal.


__

This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and delete 
this e-mail from your system.

Any views or opinions expressed are solely those of the author and do not 
necessarily represent those of Advance Seven Ltd. E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be intercepted, 
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The 
sender therefore does not accept liability for any errors or omissions in the 
contents of this message, which arise as a result of e-mail transmission.

Advance Seven Ltd. Registered in England & Wales numbered 2373877 at Endeavour 
House, Coopers End Lane, Stansted, Essex CM24 1SJ

__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
__
___
Sent via:Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Graham Bloice 
On 1 March 2018 at 10:27, Roland Knall  wrote:

>
>
> On Thu, Mar 1, 2018 at 11:22 AM, Graham Bloice <
> graham.blo...@trihedral.com> wrote:
>
>>
>>
>> On 1 March 2018 at 10:18, Roland Knall  wrote:
>>
>>> We do not have any other dissector within the code, which dissects
>>> blocktypes. Therefore I would not be so sure, that it will get rejected (in
>>> my book it definitely should not).
>>>
>>> But it most likely will get rejected as a plugin.
>>>
>>> Main reasons for built-in:
>>>
>>> - Easier to maintain
>>> - Best-practice approach
>>> - Would name it something like blocktype_trb.c or similar to distinguish
>>> from protocol-only dissectors
>>>
>>
>> Should we have a separate spot in the source tree for block type
>> dissectors?  I'm not sure if we will ever have lots, but should we keep
>> epan/dissectors for "protocol" dissectors.
>>
>
>
> Yeah, I was thinking along the same lines. like epan/blocktypes in
> comparison to epan/dissectors
>
> But we already have file-xxx dissectors in there. It would also make sense
> to have a epan/dissectors/packet, epan/dissectors/file,
> epan/dissectors/blocktype structure.
>
> What do you think?
>
>
Probably just my OCD tendencies kicking in, is there any benefit for devs
to doing so?


> cheers
> Roland
>
>



-- 
Graham Bloice
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Pascal Quantin 
Hi Paul,

Le 1 mars 2018 10:47, "Paul Offord"  a écrit :

Hi Pascal,



Thanks for your note regarding my change 26203 - https://code.wireshark.org/
review/#/c/26203/ .  You suggested that I submit it as a built-in
dissector, not a plugin.  I’m not keen for two reasons:



   - If it is rejected (and I have a feeling it will be), I’ll then have to
   rewrite it to offer as an optional plugin
   - I think adding it as a built-in dissector means changes to core
   Wireshark code



Why do you think it should be a built-in dissector?

Because :
- we do not want to end with tons of plugins to support, that are heavier
than built-in ones (startup time, more files to install,...)
- our policy is to add new dissectors as built-in, not plugins (we are even
converting some old plugins to built-in)

Plugins are usually used for people not willing to submit code to Wireshark
upstream. This is not your case, so you should really convert it to
built-in (which is a 5 mn work or even less).

Best regards,
Pascal.
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Graham Bloice 
On 1 March 2018 at 10:18, Roland Knall  wrote:

> We do not have any other dissector within the code, which dissects
> blocktypes. Therefore I would not be so sure, that it will get rejected (in
> my book it definitely should not).
>
> But it most likely will get rejected as a plugin.
>
> Main reasons for built-in:
>
> - Easier to maintain
> - Best-practice approach
> - Would name it something like blocktype_trb.c or similar to distinguish
> from protocol-only dissectors
>

Should we have a separate spot in the source tree for block type
dissectors?  I'm not sure if we will ever have lots, but should we keep
epan/dissectors for "protocol" dissectors.


> - Documentation of a sparsely used feature
>
> - We don't like plugins in the main sourcecode
>
> cheers
> Roland
>
>
> On Thu, Mar 1, 2018 at 10:46 AM, Paul Offord 
> wrote:
>
>> Hi Pascal,
>>
>>
>>
>> Thanks for your note regarding my change 26203 -
>> https://code.wireshark.org/review/#/c/26203/ .  You suggested that I
>> submit it as a built-in dissector, not a plugin.  I’m not keen for two
>> reasons:
>>
>>
>>
>>- If it is rejected (and I have a feeling it will be), I’ll then have
>>to rewrite it to offer as an optional plugin
>>- I think adding it as a built-in dissector means changes to core
>>Wireshark code
>>
>>
>>
>> Why do you think it should be a built-in dissector?
>>
>>
>>
>> Thanks and regards…Paul
>>
>> __
>>
>> This message contains confidential information and is intended only for
>> the individual named. If you are not the named addressee you should not
>> disseminate, distribute or copy this e-mail. Please notify the sender
>> immediately by e-mail if you have received this e-mail by mistake and
>> delete this e-mail from your system.
>>
>> Any views or opinions expressed are solely those of the author and do not
>> necessarily represent those of Advance Seven Ltd. E-mail transmission
>> cannot be guaranteed to be secure or error-free as information could be
>> intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
>> contain viruses. The sender therefore does not accept liability for any
>> errors or omissions in the contents of this message, which arise as a
>> result of e-mail transmission.
>>
>> Advance Seven Ltd. Registered in England & Wales numbered 2373877 at
>> Endeavour House, Coopers End Lane, Stansted, Essex CM24 1SJ
>>
>> __
>> This email has been scanned by the Symantec Email Security.cloud service.
>> For more information please visit http://www.symanteccloud.com
>> __
>>
>> 
>> ___
>> Sent via:Wireshark-dev mailing list 
>> Archives:https://www.wireshark.org/lists/wireshark-dev
>> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>>  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscr
>> ibe
>>
>
>
> 
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org?subject=
> unsubscribe
>



-- 
Graham Bloice
Software Developer
Trihedral UK Limited
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Roland Knall 
We do not have any other dissector within the code, which dissects
blocktypes. Therefore I would not be so sure, that it will get rejected (in
my book it definitely should not).

But it most likely will get rejected as a plugin.

Main reasons for built-in:

- Easier to maintain
- Best-practice approach
- Would name it something like blocktype_trb.c or similar to distinguish
from protocol-only dissectors
- Documentation of a sparsely used feature

- We don't like plugins in the main sourcecode

cheers
Roland


On Thu, Mar 1, 2018 at 10:46 AM, Paul Offord 
wrote:

> Hi Pascal,
>
>
>
> Thanks for your note regarding my change 26203 -
> https://code.wireshark.org/review/#/c/26203/ .  You suggested that I
> submit it as a built-in dissector, not a plugin.  I’m not keen for two
> reasons:
>
>
>
>- If it is rejected (and I have a feeling it will be), I’ll then have
>to rewrite it to offer as an optional plugin
>- I think adding it as a built-in dissector means changes to core
>Wireshark code
>
>
>
> Why do you think it should be a built-in dissector?
>
>
>
> Thanks and regards…Paul
>
> __
>
> This message contains confidential information and is intended only for
> the individual named. If you are not the named addressee you should not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately by e-mail if you have received this e-mail by mistake and
> delete this e-mail from your system.
>
> Any views or opinions expressed are solely those of the author and do not
> necessarily represent those of Advance Seven Ltd. E-mail transmission
> cannot be guaranteed to be secure or error-free as information could be
> intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
> contain viruses. The sender therefore does not accept liability for any
> errors or omissions in the contents of this message, which arise as a
> result of e-mail transmission.
>
> Advance Seven Ltd. Registered in England & Wales numbered 2373877 at
> Endeavour House, Coopers End Lane, Stansted, Essex CM24 1SJ
>
> __
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> __
>
> 
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org?subject=
> unsubscribe
>
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Dissector - plugin or built-in

2018-03-01 Thread Paul Offord 
Hi Pascal,

Thanks for your note regarding my change 26203 - 
https://code.wireshark.org/review/#/c/26203/ .  You suggested that I submit it 
as a built-in dissector, not a plugin.  I'm not keen for two reasons:


  *   If it is rejected (and I have a feeling it will be), I'll then have to 
rewrite it to offer as an optional plugin
  *   I think adding it as a built-in dissector means changes to core Wireshark 
code

Why do you think it should be a built-in dissector?

Thanks and regards...Paul

__

This message contains confidential information and is intended only for the 
individual named. If you are not the named addressee you should not 
disseminate, distribute or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and delete 
this e-mail from your system.

Any views or opinions expressed are solely those of the author and do not 
necessarily represent those of Advance Seven Ltd. E-mail transmission cannot be 
guaranteed to be secure or error-free as information could be intercepted, 
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The 
sender therefore does not accept liability for any errors or omissions in the 
contents of this message, which arise as a result of e-mail transmission.

Advance Seven Ltd. Registered in England & Wales numbered 2373877 at Endeavour 
House, Coopers End Lane, Stansted, Essex CM24 1SJ

__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
_
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Dissector plugin not working with wireshark 1.12.3

2015-02-17 Thread yannick omnes 

Hi list,

I've recently updated my Wireshark to 1.12.3. I created a plugin that 
worked fine with previous versions but now I'm facing some problems.


The plugins still compile and is correctly loaded by wireshark on Windows

On my ubuntu 14.04, it is not loaded anymore. The problem seems to come 
from the register fonction. If there is only one element in the 
hf_register_info array, the plugin is being correctly loaded by 
Wireshark. But with more than one items, Wireshark crashes.


Does anyone know what's wrong ?

Regards,
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector plugin not working with wireshark 1.12.3

2015-02-17 Thread Pascal Quantin 
2015-02-17 10:08 GMT+01:00 yannick omnes yom...@aviwest.com:

 Hi list,

 I've recently updated my Wireshark to 1.12.3. I created a plugin that
 worked fine with previous versions but now I'm facing some problems.

 The plugins still compile and is correctly loaded by wireshark on Windows

 On my ubuntu 14.04, it is not loaded anymore. The problem seems to come
 from the register fonction. If there is only one element in the
 hf_register_info array, the plugin is being correctly loaded by Wireshark.
 But with more than one items, Wireshark crashes.

 Does anyone know what's wrong ?


Hi Yannick,

without having access to your code, it's almost impossible to provide you
support. Have you checked with a debugger where it fails more precisely?
What version were you using previously?

Regards,
Pascal.
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector plugin not working with wireshark 1.12.3

2015-02-17 Thread yannick omnes 

Hi Pascal,

Thank you for your answer,

The plugin crashes (dereferencing a NULL pointer) in the second 
iteration of the loop in proto_register_field_array. Looking around, i 
noticed that the bitmask field of header_field_info changed betwen 
1.10.6 and 1.12.3, it was a guint64 and is now a guint32. I didn't 
update my wireshark-dev package (just noticed that) so that might be the 
problem. Where can I find the dev package for wireshark 1.12.3 ? (The 
one provided by aptitude is out-of-date)



Regards,

Yannick


Le 17/02/2015 10:42, Pascal Quantin a écrit :
2015-02-17 10:08 GMT+01:00 yannick omnes yom...@aviwest.com 
mailto:yom...@aviwest.com:


Hi list,

I've recently updated my Wireshark to 1.12.3. I created a plugin
that worked fine with previous versions but now I'm facing some
problems.

The plugins still compile and is correctly loaded by wireshark on
Windows

On my ubuntu 14.04, it is not loaded anymore. The problem seems to
come from the register fonction. If there is only one element in
the hf_register_info array, the plugin is being correctly loaded
by Wireshark. But with more than one items, Wireshark crashes.

Does anyone know what's wrong ?


Hi Yannick,

without having access to your code, it's almost impossible to provide 
you support. Have you checked with a debugger where it fails more 
precisely? What version were you using previously?


Regards,
Pascal.


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


--




void
proto_register_ebonding(void)
{


static hf_register_info hf_ebonding[] =
{


{ hf_ebonding_id, { Packet id, ebonding.id, FT_UINT16, BASE_DEC_HEX, VALS(id_field), 0xF0, NULL, HFILL } },
{ hf_ebonding_type, { Packet type, ebonding.type, FT_UINT16, BASE_DEC_HEX, VALS(type_field), 0x8, NULL, HFILL } },
{ hf_ebonding_seqnum, { Seqnum, ebonding.seqnum, FT_UINT16, BASE_DEC_HEX, NULL, 0x0, NULL, HFILL }, },
{ hf_ebonding_seqnumglobal, { Seqnum, ebonding.seqnum, FT_UINT16, BASE_CUSTOM, seqnumdisplay, 0xFF07, NULL, HFILL }, },
{ hf_ebonding_cmd, { Command, ebonding.cmd, FT_UINT8, BASE_DEC_HEX, VALS(command_field), 0x0, NULL, HFILL } },
{ hf_ebonding_cmd_counter, { Counter, ebonding.counter, FT_UINT32, BASE_DEC_HEX, NULL, 0x0, NULL, HFILL }, },
{ hf_ebonding_cmd_retry, { Retry, ebonding.retry, FT_UINT8, BASE_DEC_HEX, NULL, 0x0, NULL, HFILL }, },
{ hf_ebonding_timestamps, { Timestamp, ebonding.timestamp, FT_UINT32, BASE_DEC_HEX, NULL, 0x0, NULL, HFILL }, },


};



static gint *ett_ebonding_arr[] =
{
ett_ebonding,
ett_timestamps,
ett_seqnum,
ett_lastseqnum,

};

proto_register_field_array (proto_ebonding, hf_ebonding, array_length (hf_ebonding));
proto_register_subtree_array (ett_ebonding_arr, array_length (ett_ebonding_arr));
ebonding_tap = register_tap(ebonding);
}
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector plugin not working with wireshark 1.12.3

2015-02-17 Thread Pascal Quantin 
2015-02-17 12:41 GMT+01:00 yannick omnes yom...@aviwest.com:

  Hi Pascal,

 Thank you for your answer,

 The plugin crashes (dereferencing a NULL pointer) in the second iteration
 of the loop in proto_register_field_array. Looking around, i noticed that
 the bitmask field of header_field_info changed betwen 1.10.6 and 1.12.3, it
 was a guint64 and is now a guint32. I didn't update my wireshark-dev
 package (just noticed that) so that might be the problem. Where can I find
 the dev package for wireshark 1.12.3 ? (The one provided by aptitude is
 out-of-date)


Hi Yannick,

you can find the Wireshark 1.12.3 source code on this page:
https://www.wireshark.org/download.html . It contains the full source tree,
including the include files you might need to compile your plugin. Note
that according to https://packages.debian.org/search?keywords=wireshark-de,
there is also a wheezy-backports repository that provides the wireshark-dev
package for 1.12.1 which should be compatible with 1.12.3.
As you noticed, it's always mandatory to recompile a plugin between major
Wireshark releases as there is no guarantee that the internal API will be
compatible (well let's say that it's guaranteed that it will NOT be
compatible ;) ).





 Regards,

 Yannick


 Le 17/02/2015 10:42, Pascal Quantin a écrit :

  2015-02-17 10:08 GMT+01:00 yannick omnes yom...@aviwest.com:

 Hi list,

 I've recently updated my Wireshark to 1.12.3. I created a plugin that
 worked fine with previous versions but now I'm facing some problems.

 The plugins still compile and is correctly loaded by wireshark on Windows

 On my ubuntu 14.04, it is not loaded anymore. The problem seems to come
 from the register fonction. If there is only one element in the
 hf_register_info array, the plugin is being correctly loaded by Wireshark.
 But with more than one items, Wireshark crashes.

 Does anyone know what's wrong ?


  Hi Yannick,

  without having access to your code, it's almost impossible to provide
 you support. Have you checked with a debugger where it fails more
 precisely? What version were you using previously?

 Regards,
 Pascal.


 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org 
 wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe 
 wireshark-dev-requ...@wireshark.org?subject=unsubscribe


 --



 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org
 ?subject=unsubscribe

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] dissector plugin

2012-04-09 Thread vijay 
Hello,

i am trying to write a plugin dissector for tinyos packets. I have a couple
of questions with it:

it is a network layer protocol with a simple strucure : AM_type, payload.

The dissector samples have a port number field to associate the dissector
with the incoming packets. Now wireshark cannot grab these packets directly
but i am sending these packets to Wireshark over a pipe. Now what value
shoudl i give for the port number and how does wireshark know when to use
this dissector since
there is not port no field in my packet.

PS: This is a dissector for network layer packet in IEEE 802.15.4 stack.

Complete frame format: FCS | Seq# | Addressing Info |* AM_type | Payload* |
CRC


Thnks,
Vijay
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] dissector plugin help

2009-03-27 Thread Brian Oleksa 
Philippe

I sent you an e-mail with some screen shots but it appears the screen 
shots were too big.
So here is my outcome...maybe you will get the screenshots later.

I still get the same results.
I changed in the code where the ports file lives at to (c:/ports.txt). 
My ports.txt file is at the root of C:.
I rebuilt the code.
Deployed the .dll's files to the plugin directory of several machines 
running different versions of wireshrak
and I still get:

**Couldn't load module, The specified module could not be found.**

I build your code using VS 2005.

Any Thoughts...??

Are you able to run my plugin on any machine or just a development 
machine..?
The goal of this plugin is to have people download the helen.dll file 
place it in their plugin directory and have it work.

Having them download wireshark and build it to get my plugin to run is 
probably too much effort
I can get this to work on Linux with no problems. They download the 
helen.so file place it in the plugin directory and everything works fine.

Thanks again for all your help.

Brian



philippe alarcon wrote:
 Hello Brian,

 I have taken your code and created the plugin using my environment.
 I have no problem to load your plugin.
 Find here attached all the package.
 May be you could check if the created dll works with your Wireshark.

 Note that I have changed the directory used to get ports.txt in the 
 source.

 May be this can help you in solving your problem.

 If you send an example of capture, I can check if your dissector is 
 working correctly
 with your protocol.

 Regards
 Philippe


 Date: Fri, 27 Mar 2009 00:12:52 -0400
 From: olek...@darkcornersoftware.com
 To: wireshark-dev@wireshark.org
 Subject: Re: [Wireshark-dev] dissector plugin help

 Olivier (wsge)

 I really appreciate your quick response.

 I have added the following line to my Makefile.nmake
 mt.exe -manifest helen.dll.manifest - outputresource:helen.dll;2

 This does indeed create a helen.dll.manifest file. I take that along with the 
 helen.dll
 file and copy it into my plugins directory on another (deployment) machine.

 I am still getting the error:
 *Couldn't load module, The specified module could not be found.*

 Am I missing something here..?

 Attached is all my code and files in the helen.zip file.
 Also attached is my ports file that goes in the root of C:  (c:\ports.txt)

 Some things have changed from my last e-mail.

 I downloaded the source wireshark-1.1.2-SVN-26844.
 I built wireshark using the Visual Studio 2005 Command prompt.
 I put my plugin in place and it too builds fine and runs great on the 
 development machine.
 I have no problems running my software and dissecting packets.

 But when I copy the helen.dll.manifest and the helen.dll to another machine I 
 get 
 **Couldn't load module, The specified module could not be found.**

 Any thoughts..?

 Thank you very much for your help.

 Brian

  
   


 wsgd wrote:

 I think the answer is into your first mail :
 http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

 To include the manifest inside the dll :

 mt.exe -manifest dll_name.dll.manifest - outputresource:dll_name.dll;2


 Also, into proto_reg_handoff_helen,
  if you have  many ports,
  you are calling many times :
 - data_handle = find_dissector(data); --- useless
 - helen_handle = create_dissector_handle(dissect_helen, proto_helen);   
 --- I do not think it works


 Olivier

 Brian Oleksa a écrit :
   

 Olivier (wsgd)

 I fixed the problem in the code that you found. Thanks again for 
 finding 
 this.
 I tested it on the development machine and it worked great.!!

 I then took the created helen.dll file and dropped it on a deploy 
 machine that is running the same version of wireshark that I 
 developed 
 against
 only to find that it Couldn't load module, The specified module 
 could 
 not be found.

 Any suggestions or thoughts on this one..?

 Thanks again for all your help.

 Brian



 wsgd wrote:
   
 

 Hello,

 Into proto_reg_handoff_helen,
  you try to fopen(/root/ports, r),
  which certainly fails on windows,
  so you call exit(1).



 Olivier

 Brian Oleksa a écrit :
   
 
   

 Wiresharkers

 I have followed these instructions: (I used both of these as 
 one was 
 more clear than the other on certain tasks).
 http://www.codeproject.com/KB/IP/custom_dissector.aspx
 
 http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html

 I am using:

 MSVC_VARIANT=MSVC2008EE

 I then verify_tools, install libraries (nmake -f 
 Makefile.nmake 
 setup), distclean and build

Re: [Wireshark-dev] dissector plugin help

2009-03-27 Thread philippe alarcon 

Hi Brian,

We have not the same environment.
On my station, I have generated WireShark 1.1.3,
and I use Microsoft Visual C++ 2008 Express Edition.
In this environment, your plugin is running correctly.

I remember that others have encountered problems
for using a recent plugin with older versions of WireShark,
and/or for generating plugin without having the complete
development tree of WireShark.
Have you searched in the mail archives ?

Regards
Philippe

 Date: Fri, 27 Mar 2009 08:34:02 -0400
 From: olek...@darkcornersoftware.com
 To: wireshark-dev@wireshark.org
 Subject: Re: [Wireshark-dev] dissector plugin help
 
 Philippe
 
 I sent you an e-mail with some screen shots but it appears the screen 
 shots were too big.
 So here is my outcome...maybe you will get the screenshots later.
 
 I still get the same results.
 I changed in the code where the ports file lives at to (c:/ports.txt). 
 My ports.txt file is at the root of C:.
 I rebuilt the code.
 Deployed the .dll's files to the plugin directory of several machines 
 running different versions of wireshrak
 and I still get:
 
 **Couldn't load module, The specified module could not be found.**
 
 I build your code using VS 2005.
 
 Any Thoughts...??
 
 Are you able to run my plugin on any machine or just a development 
 machine..?
 The goal of this plugin is to have people download the helen.dll file 
 place it in their plugin directory and have it work.
 
 Having them download wireshark and build it to get my plugin to run is 
 probably too much effort
 I can get this to work on Linux with no problems. They download the 
 helen.so file place it in the plugin directory and everything works fine.
 
 Thanks again for all your help.
 
 Brian
 
 
 
 philippe alarcon wrote:
  Hello Brian,
 
  I have taken your code and created the plugin using my environment.
  I have no problem to load your plugin.
  Find here attached all the package.
  May be you could check if the created dll works with your Wireshark.
 
  Note that I have changed the directory used to get ports.txt in the 
  source.
 
  May be this can help you in solving your problem.
 
  If you send an example of capture, I can check if your dissector is 
  working correctly
  with your protocol.
 
  Regards
  Philippe
 
 
  Date: Fri, 27 Mar 2009 00:12:52 -0400
  From: olek...@darkcornersoftware.com
  To: wireshark-dev@wireshark.org
  Subject: Re: [Wireshark-dev] dissector plugin help
 
  Olivier (wsge)
 
  I really appreciate your quick response.
 
  I have added the following line to my Makefile.nmake
  mt.exe -manifest helen.dll.manifest - outputresource:helen.dll;2
 
  This does indeed create a helen.dll.manifest file. I take that along with 
  the helen.dll
  file and copy it into my plugins directory on another (deployment) machine.
 
  I am still getting the error:
  *Couldn't load module, The specified module could not be found.*
 
  Am I missing something here..?
 
  Attached is all my code and files in the helen.zip file.
  Also attached is my ports file that goes in the root of C:  (c:\ports.txt)
 
  Some things have changed from my last e-mail.
 
  I downloaded the source wireshark-1.1.2-SVN-26844.
  I built wireshark using the Visual Studio 2005 Command prompt.
  I put my plugin in place and it too builds fine and runs great on the 
  development machine.
  I have no problems running my software and dissecting packets.
 
  But when I copy the helen.dll.manifest and the helen.dll to another machine 
  I get 
  **Couldn't load module, The specified module could not be found.**
 
  Any thoughts..?
 
  Thank you very much for your help.
 
  Brian
 
   

 
 
  wsgd wrote:
 
  I think the answer is into your first mail :
  http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html
 
  To include the manifest inside the dll :
 
  mt.exe -manifest dll_name.dll.manifest - 
  outputresource:dll_name.dll;2
 
 
  Also, into proto_reg_handoff_helen,
   if you have  many ports,
   you are calling many times :
  - data_handle = find_dissector(data); --- useless
  - helen_handle = create_dissector_handle(dissect_helen, proto_helen);   
  --- I do not think it works
 
 
  Olivier
 
  Brian Oleksa a écrit :

 
  Olivier (wsgd)
 
  I fixed the problem in the code that you found. Thanks again for 
  finding 
  this.
  I tested it on the development machine and it worked great.!!
 
  I then took the created helen.dll file and dropped it on a deploy 
  machine that is running the same version of wireshark that I 
  developed 
  against
  only to find that it Couldn't load module, The specified module 
  could 
  not be found.
 
  Any suggestions or thoughts on this one..?
 
  Thanks again for all your help.
 
  Brian
 
 
 
  wsgd wrote:

  
 
  Hello,
 
  Into proto_reg_handoff_helen

Re: [Wireshark-dev] dissector plugin help

2009-03-27 Thread Brian Oleksa 
Philippe

I have recompiled my plugin using Microsoft Visual C++ 2008 Express 
Edition.
I deployed it and it worked..!!

It appears that the C RunTime Libraries where indeed the problem 
(version mismatch).

Thanks for all your help.

I should be good to go for now.

Thanks again..!!

Brian



philippe alarcon wrote:
 Hi Brian,

 We have not the same environment.
 On my station, I have generated WireShark 1.1.3,
 and I use Microsoft Visual C++ 2008 Express Edition.
 In this environment, your plugin is running correctly.

 I remember that others have encountered problems
 for using a recent plugin with older versions of WireShark,
 and/or for generating plugin without having the complete
 development tree of WireShark.
 Have you searched in the mail archives ?

 Regards
 Philippe

  Date: Fri, 27 Mar 2009 08:34:02 -0400
  From: olek...@darkcornersoftware.com
  To: wireshark-dev@wireshark.org
  Subject: Re: [Wireshark-dev] dissector plugin help
 
  Philippe
 
  I sent you an e-mail with some screen shots but it appears the screen
  shots were too big.
  So here is my outcome...maybe you will get the screenshots later.
 
  I still get the same results.
  I changed in the code where the ports file lives at to (c:/ports.txt).
  My ports.txt file is at the root of C:.
  I rebuilt the code.
  Deployed the .dll's files to the plugin directory of several machines
  running different versions of wireshrak
  and I still get:
 
  **Couldn't load module, The specified module could not be found.**
 
  I build your code using VS 2005.
 
  Any Thoughts...??
 
  Are you able to run my plugin on any machine or just a development
  machine..?
  The goal of this plugin is to have people download the helen.dll file
  place it in their plugin directory and have it work.
 
  Having them download wireshark and build it to get my plugin to run is
  probably too much effort
  I can get this to work on Linux with no problems. They download the
  helen.so file place it in the plugin directory and everything works 
 fine.
 
  Thanks again for all your help.
 
  Brian
 
 
 
  philippe alarcon wrote:
   Hello Brian,
  
   I have taken your code and created the plugin using my environment.
   I have no problem to load your plugin.
   Find here attached all the package.
   May be you could check if the created dll works with your Wireshark.
  
   Note that I have changed the directory used to get ports.txt in the
   source.
  
   May be this can help you in solving your problem.
  
   If you send an example of capture, I can check if your dissector is
   working correctly
   with your protocol.
  
   Regards
   Philippe
  
  
   Date: Fri, 27 Mar 2009 00:12:52 -0400
   From: olek...@darkcornersoftware.com
   To: wireshark-dev@wireshark.org
   Subject: Re: [Wireshark-dev] dissector plugin help
  
   Olivier (wsge)
  
   I really appreciate your quick response.
  
   I have added the following line to my Makefile.nmake
   mt.exe -manifest helen.dll.manifest - outputresource:helen.dll;2
  
   This does indeed create a helen.dll.manifest file. I take that 
 along with the helen.dll
   file and copy it into my plugins directory on another (deployment) 
 machine.
  
   I am still getting the error:
   *Couldn't load module, The specified module could not be found.*
  
   Am I missing something here..?
  
   Attached is all my code and files in the helen.zip file.
   Also attached is my ports file that goes in the root of C: 
 (c:\ports.txt)
  
   Some things have changed from my last e-mail.
  
   I downloaded the source wireshark-1.1.2-SVN-26844.
   I built wireshark using the Visual Studio 2005 Command prompt.
   I put my plugin in place and it too builds fine and runs great on 
 the development machine.
   I have no problems running my software and dissecting packets.
  
   But when I copy the helen.dll.manifest and the helen.dll to 
 another machine I get
   **Couldn't load module, The specified module could not be found.**
  
   Any thoughts..?
  
   Thank you very much for your help.
  
   Brian
  
  
  
  
  
   wsgd wrote:
  
   I think the answer is into your first mail :
   http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html
  
   To include the manifest inside the dll :
  
   mt.exe -manifest dll_name.dll.manifest - 
 outputresource:dll_name.dll;2
  
  
   Also, into proto_reg_handoff_helen,
   if you have many ports,
   you are calling many times :
   - data_handle = find_dissector(data); --- useless
   - helen_handle = create_dissector_handle(dissect_helen, proto_helen);
   --- I do not think it works
  
  
   Olivier
  
   Brian Oleksa a écrit :
  
  
   Olivier (wsgd)
  
   I fixed the problem in the code that you found. Thanks again for 
 finding
   this.
   I tested it on the development machine and it worked great.!!
  
   I then took the created helen.dll file and dropped it on a deploy
   machine that is running the same version of wireshark that I 
 developed
   against
   only to find that it Couldn't load

Re: [Wireshark-dev] dissector plugin help

2009-03-26 Thread wsgd 
Hello,

Into proto_reg_handoff_helen,
 you try to fopen(/root/ports, r),
 which certainly fails on windows,
 so you call exit(1).



Olivier

Brian Oleksa a écrit :
 Wiresharkers

 I have followed these instructions: (I used both of these as one was 
 more clear than the other on certain tasks).
 http://www.codeproject.com/KB/IP/custom_dissector.aspx
 http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html

 I am using:

 MSVC_VARIANT=MSVC2008EE

 I then verify_tools, install libraries (nmake -f Makefile.nmake 
 setup), distclean and build wireshark with *NO *problems.

 I then test wireshark and it does indeed start up with *NO *problems.

 I then create my wireshark dissector code, make files etc.*
 (NOTE: This runs on Linux FC-9 with NO problems. If I take the 
 attached helen.zip file go to my
 linux box, do a make install and put the helen.so file in the plugin 
 directory everything works fine.)
 *


 I drop my code in place. C:\wireshark\plugins\helen
 The name of my wireshark dissector is called helen.

 From the C:\wireshark\plugins\helen directory I do the following:
 nmake -f Makefile.nmake distclean
 nmake -f Makefile.nmake all

 I have NO errors and it does indeed create a *helen.dll* file. (Which 
 I believe is what I want).

 I drop this helen.dll file in the following directory:
 C:\wireshark\wireshark-gtk2\plugins\1.1.4HELEN-DISSECTOR

 I start up wireshark (by invoking wireshark.exe) the splash screen 
 appears for a second than disappears. So it never start up.
 It does not provide me with a error message.

 I tried the following work around (click on link below) but had NO luck.
 http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

 So at this point...I am stuck.

 Attached is all my code (helen.zip). Again, this same code works on my 
 fedora core 9 box.

 Any help is greatly appreciated.

 Thank you

 Brian Oleksa
 Software Developer
 Dark Corner Software











 

 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


-- 
Wireshark Generic Dissector http://wsgd.free.fr

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] dissector plugin help

2009-03-26 Thread Brian Oleksa 
Olivier (wsgd)

Thank you very much..!! This was indeed the problem.
No wonder it worked on Linux and not Windows :-)

I thought for sure that it was a version mismatch or something.

Thanks again... I really appreciate it. I have been playing with this 
all day.

Brian



wsgd wrote:
 Hello,

 Into proto_reg_handoff_helen,
  you try to fopen(/root/ports, r),
  which certainly fails on windows,
  so you call exit(1).



 Olivier

 Brian Oleksa a écrit :
   
 Wiresharkers

 I have followed these instructions: (I used both of these as one was 
 more clear than the other on certain tasks).
 http://www.codeproject.com/KB/IP/custom_dissector.aspx
 http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html

 I am using:

 MSVC_VARIANT=MSVC2008EE

 I then verify_tools, install libraries (nmake -f Makefile.nmake 
 setup), distclean and build wireshark with *NO *problems.

 I then test wireshark and it does indeed start up with *NO *problems.

 I then create my wireshark dissector code, make files etc.*
 (NOTE: This runs on Linux FC-9 with NO problems. If I take the 
 attached helen.zip file go to my
 linux box, do a make install and put the helen.so file in the plugin 
 directory everything works fine.)
 *


 I drop my code in place. C:\wireshark\plugins\helen
 The name of my wireshark dissector is called helen.

 From the C:\wireshark\plugins\helen directory I do the following:
 nmake -f Makefile.nmake distclean
 nmake -f Makefile.nmake all

 I have NO errors and it does indeed create a *helen.dll* file. (Which 
 I believe is what I want).

 I drop this helen.dll file in the following directory:
 C:\wireshark\wireshark-gtk2\plugins\1.1.4HELEN-DISSECTOR

 I start up wireshark (by invoking wireshark.exe) the splash screen 
 appears for a second than disappears. So it never start up.
 It does not provide me with a error message.

 I tried the following work around (click on link below) but had NO luck.
 http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

 So at this point...I am stuck.

 Attached is all my code (helen.zip). Again, this same code works on my 
 fedora core 9 box.

 Any help is greatly appreciated.

 Thank you

 Brian Oleksa
 Software Developer
 Dark Corner Software











 

 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
 


   
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] dissector plugin help

2009-03-26 Thread Brian Oleksa 
Olivier (wsgd)

I fixed the problem in the code that you found. Thanks again for finding 
this.
I tested it on the development machine and it worked great.!!

I then took the created helen.dll file and dropped it on a deploy 
machine that is running the same version of wireshark that I developed 
against
only to find that it Couldn't load module, The specified module could 
not be found.

Any suggestions or thoughts on this one..?

Thanks again for all your help.

Brian



wsgd wrote:
 Hello,

 Into proto_reg_handoff_helen,
  you try to fopen(/root/ports, r),
  which certainly fails on windows,
  so you call exit(1).



 Olivier

 Brian Oleksa a écrit :
   
 Wiresharkers

 I have followed these instructions: (I used both of these as one was 
 more clear than the other on certain tasks).
 http://www.codeproject.com/KB/IP/custom_dissector.aspx
 http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html

 I am using:

 MSVC_VARIANT=MSVC2008EE

 I then verify_tools, install libraries (nmake -f Makefile.nmake 
 setup), distclean and build wireshark with *NO *problems.

 I then test wireshark and it does indeed start up with *NO *problems.

 I then create my wireshark dissector code, make files etc.*
 (NOTE: This runs on Linux FC-9 with NO problems. If I take the 
 attached helen.zip file go to my
 linux box, do a make install and put the helen.so file in the plugin 
 directory everything works fine.)
 *


 I drop my code in place. C:\wireshark\plugins\helen
 The name of my wireshark dissector is called helen.

 From the C:\wireshark\plugins\helen directory I do the following:
 nmake -f Makefile.nmake distclean
 nmake -f Makefile.nmake all

 I have NO errors and it does indeed create a *helen.dll* file. (Which 
 I believe is what I want).

 I drop this helen.dll file in the following directory:
 C:\wireshark\wireshark-gtk2\plugins\1.1.4HELEN-DISSECTOR

 I start up wireshark (by invoking wireshark.exe) the splash screen 
 appears for a second than disappears. So it never start up.
 It does not provide me with a error message.

 I tried the following work around (click on link below) but had NO luck.
 http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

 So at this point...I am stuck.

 Attached is all my code (helen.zip). Again, this same code works on my 
 fedora core 9 box.

 Any help is greatly appreciated.

 Thank you

 Brian Oleksa
 Software Developer
 Dark Corner Software











 

 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
 


   
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] dissector plugin help

2009-03-26 Thread wsgd 
I think the answer is into your first mail :
http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

To include the manifest inside the dll :

mt.exe -manifest dll_name.dll.manifest - outputresource:dll_name.dll;2


Also, into proto_reg_handoff_helen,
 if you have  many ports,
 you are calling many times :
- data_handle = find_dissector(data); --- useless
- helen_handle = create_dissector_handle(dissect_helen, proto_helen);   
--- I do not think it works


Olivier

Brian Oleksa a écrit :
 Olivier (wsgd)

 I fixed the problem in the code that you found. Thanks again for finding 
 this.
 I tested it on the development machine and it worked great.!!

 I then took the created helen.dll file and dropped it on a deploy 
 machine that is running the same version of wireshark that I developed 
 against
 only to find that it Couldn't load module, The specified module could 
 not be found.

 Any suggestions or thoughts on this one..?

 Thanks again for all your help.

 Brian



 wsgd wrote:
   
 Hello,

 Into proto_reg_handoff_helen,
  you try to fopen(/root/ports, r),
  which certainly fails on windows,
  so you call exit(1).



 Olivier

 Brian Oleksa a écrit :
   
 
 Wiresharkers

 I have followed these instructions: (I used both of these as one was 
 more clear than the other on certain tasks).
 http://www.codeproject.com/KB/IP/custom_dissector.aspx
 http://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html

 I am using:

 MSVC_VARIANT=MSVC2008EE

 I then verify_tools, install libraries (nmake -f Makefile.nmake 
 setup), distclean and build wireshark with *NO *problems.

 I then test wireshark and it does indeed start up with *NO *problems.

 I then create my wireshark dissector code, make files etc.*
 (NOTE: This runs on Linux FC-9 with NO problems. If I take the 
 attached helen.zip file go to my
 linux box, do a make install and put the helen.so file in the plugin 
 directory everything works fine.)
 *


 I drop my code in place. C:\wireshark\plugins\helen
 The name of my wireshark dissector is called helen.

 From the C:\wireshark\plugins\helen directory I do the following:
 nmake -f Makefile.nmake distclean
 nmake -f Makefile.nmake all

 I have NO errors and it does indeed create a *helen.dll* file. (Which 
 I believe is what I want).

 I drop this helen.dll file in the following directory:
 C:\wireshark\wireshark-gtk2\plugins\1.1.4HELEN-DISSECTOR

 I start up wireshark (by invoking wireshark.exe) the splash screen 
 appears for a second than disappears. So it never start up.
 It does not provide me with a error message.

 I tried the following work around (click on link below) but had NO luck.
 http://www.wireshark.org/lists/wireshark-dev/200902/msg00013.html

 So at this point...I am stuck.

 Attached is all my code (helen.zip). Again, this same code works on my 
 fedora core 9 box.

 Any help is greatly appreciated.

 Thank you

 Brian Oleksa
 Software Developer
 Dark Corner Software











 

 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
 
   
   
 
 ___
 Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
 Archives:http://www.wireshark.org/lists/wireshark-dev
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


   


-- 
Wireshark Generic Dissector http://wsgd.free.fr

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe