[Wireshark-dev] When to build

2010-04-06 Thread Shawn Mayer
Do I have to rebuild wireshark when I modify a tap protocol? What about after I add the calls for the tap protocol in the dissector? Shawn NTMail K12 - the Mail Server for Education ___ Sent via:Wireshark-dev mailing

[Wireshark-dev] buildbot failure in Wireshark (development) on Ubuntu-9.10-x64

2010-04-06 Thread buildbot-no-reply
The Buildbot has detected a new failure of Ubuntu-9.10-x64 on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Ubuntu-9.10-x64/builds/371 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build: ubuntu-9.10-x64 Build

[Wireshark-dev] Build my own foo dissector example, Plugin/Protocol not visible

2010-04-06 Thread Koglin, Patrick
Hey, I make my first steps with wireshark and a own dissector. For testing I send only UDP packages with integers on network and I can see the traffic and content in wireshark as UDP Protocol. Now I want to test my own foo protocol dissector. Also I followed the examples in

[Wireshark-dev] Accessing calculated fields from Lua

2010-04-06 Thread Beth
I am writing a Lua script that extracts certain fields from various protocols and then adds them to the display tree. It doesn't create any new information, just collects these fields of interest all in one place for easier viewing. The problem I am running into is that some of the fields do not

Re: [Wireshark-dev] Running a function only on first run

2010-04-06 Thread Graham Bloice
On 06/04/2010 17:40, Jeremy O'Brien wrote: Hello, I'm trying to have Wireshark maintain a list of certain information from packets as it receives them (using a GHashTable or a GSList, not sure which yet). The problem I am facing is that the code in my dissection routine that does this gets

Re: [Wireshark-dev] Running a function only on first run

2010-04-06 Thread Maynard, Chris
I think this thread will help you. http://www.wireshark.org/lists/wireshark-dev/201003/msg00326.html - Chris -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Jeremy O'Brien Sent: Tuesday, April 06, 2010 12:41 PM To:

Re: [Wireshark-dev] Build my own foo dissector example, Plugin/Protocol not visible

2010-04-06 Thread Maynard, Chris
Your dissector won't appear under Preferences - Protocols if it doesn't have any preferences. Does it? Does it appear under Analyze - Enabled Protocols? - Chris From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Koglin, Patrick Sent: Tuesday,

Re: [Wireshark-dev] Running a function only on first run

2010-04-06 Thread Jeremy O'Brien
On Tue, Apr 6, 2010 at 12:58, Graham Bloice graham.blo...@trihedral.com wrote: Try PINFO_FD_VISITED(pinfo) on the pinfo you have.  Visited gets set after the first pass. I cannot find this macro. Where is it defined? It would be very nice to have since pinfo-fd-flags.visited is kind of

[Wireshark-dev] buildbot failure in Wireshark (development) on Windows-7-x64

2010-04-06 Thread buildbot-no-reply
The Buildbot has detected a new failure of Windows-7-x64 on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Windows-7-x64/builds/657 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build: windows-7-x64 Build Reason:

[Wireshark-dev] buildbot failure in Wireshark (development) on Windows-XP-x86

2010-04-06 Thread buildbot-no-reply
The Buildbot has detected a new failure of Windows-XP-x86 on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Windows-XP-x86/builds/1262 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build: windows-xp-x86 Build

Re: [Wireshark-dev] Running a function only on first run

2010-04-06 Thread Maynard, Chris
epan/frame_data.h. - Chris -Original Message- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Jeremy O'Brien Sent: Tuesday, April 06, 2010 1:43 PM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Running a function

[Wireshark-dev] dns fields to mysql

2010-04-06 Thread Hamid Reza Alipour
I want to save the DNS header fields and RRs in mysql. As the tshark/wireshark is a well-known protocol analyser I am thinking about a way that can pipe the out put of tshark/wireshark to mysql. is there any solution for this thanks. I tried the tshark but the tshark will not give me all the

[Wireshark-dev] buildbot failure in Wireshark (development) on Windows-XP-x86

2010-04-06 Thread buildbot-no-reply
The Buildbot has detected a new failure of Windows-XP-x86 on Wireshark (development). Full details are available at: http://buildbot.wireshark.org/trunk/builders/Windows-XP-x86/builds/1267 Buildbot URL: http://buildbot.wireshark.org/trunk/ Buildslave for this Build: windows-xp-x86 Build

[Wireshark-dev] Tap Implementation

2010-04-06 Thread Shawn Mayer
Hello everyone, I'm currently working on implementing a tap interface for the aim_messaging dissector and have some questions. Do you think I'd be better off tapping the main aim protocol? Right now I have it tapping packets to the queue twice, at the end of dissect_aim_msg_outgoing and

Re: [Wireshark-dev] dns fields to mysql

2010-04-06 Thread Martin Visser
Unfortunately, you are going to have to do a bit of your own parsing I think. While a lot of the fields are properly parsed out as named fields, some are left as unnamed text items. You can see this if you look at a DNS response packet and select useful fields (such as the IP address in a resource