What is the best way to dissect some strange messages without byte
alignment?
For example:
payload block is 22 bytes
first 3 bits is A, next 15 bits is B, next 27 bits is Cuntil 22 bytes.
Thanks
___
Wireshark-dev mailing list
Wireshark-dev@wiresh
Win32
On 3/23/07, Steven Le <[EMAIL PROTECTED]> wrote:
Are there packet generators around to test my codes?
Steven
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Are there packet generators around to test my codes?
Steven
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
I'm using VC8 to compile wireshark source. However I got this error while
compiling
scanner.c(653) : fatal error C1083: Cannot open include file: 'unistd.h': No
such file or directory
Do you know how to fix it?
Steven
___
Wireshark-dev mailing list
Wires
Thanks Guys Harris a lot. I understand more now. Actually I copied without
modifying header fields "a", so it appeared to be *three* a in
proto_tree_add_item
Steven
On 3/12/07, Guy Harris <[EMAIL PROTECTED]> wrote:
On Mar 12, 2007, at 5:47 PM, Steven Le wrote:
> >N
...,a, offset, 3, TRUE);
protocol_add_item(..,a, offset, 3, TRUE);
protocol_add_item(..,a, offset, 3, TRUE); offset +=3;
Is it correct?
On 3/12/07, Guy Harris <[EMAIL PROTECTED]> wrote:
On Mar 12, 2007, at 4:32 PM, Steven Le wrote:
> guint32 is 32 bits --> so type mismatch???
I define a header type to be FT_UINT24
&
FT_UNIT24, BASE_DEC, NULL,
0x7ff (bitmasking 3 bytes)
How to get 3 bytes and add it to protocol subtree?
guint32 = tvb_get_leoh24(tvb, 3); ???
guint32 is 32 bits --> so type mismatch???
___
Wireshark
I've been using Google Talk and thought you might like to try it out.
We can use it to call each other for free over the internet. Here's an
invitation to download Google Talk. Give it a try!
-------
Steven Le wants
8, 7)
Value B: next 3 bits
Value C: the rest
-Steven
On 3/6/07, Stephen Fisher <[EMAIL PROTECTED]> wrote:
On Tue, Mar 06, 2007 at 11:46:33PM -0800, Steven Le wrote:
> Thanks. How can I register hf_foo_data?
Take a look at the sample dissector code in doc/README.developer between
_tree_add_item(tree, hf_foo_message, tvb, offset, 20, FALSE);
offset += 20;
}
if ((header & 0xE0 == 0x20) || (header & 0xE0 == 0xE0)) {
proto_tree_add_item(tree, hf_foo_data, tvb, offset,
tvb_get_length(tvb, offset), FALSE);
}
Thanx,
Jaap
On Tue, 6 Mar 2007, Steven Le wrote:
>
AIL PROTECTED]> wrote:
Hi,
You'll have to provide a little more detail than this. What size are
header, message and data? Are they packed in a byte? format stuff like
that.
Thanx,
Jaap
On Tue, 6 Mar 2007, Steven Le wrote:
> I have to dissect this payload.
>
> Header | mess
I have to dissect this payload.
Header | message | data
After getting the first 3 bits from header: 000 -> Header
010
-> Header|Message
001
-> Header|Bin
12 matches
Mail list logo
