-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Nope that was not the one :/
wrl Németh Márton wrote: | Hi, | | check WTAP_MAX_PACKET_SIZE in wireshark/wiretap/wiretap.h. I don't know if | it is enough to change only at that place but this is a place I know. | | Márton Németh | | warlord wrote: | Hi everyone | | Second try: I'd like to start a little project based on Wireshark. What | I need to be able to do though is process pcaps that include my own | protocol, which means packet sizes > 64k, preferably up to 2.1-4.3 gig. | After all, the pcap file format allows for packets this size. | | Is there something like a central max_size variable which is all I need | to change to be able to open pcaps this size? I do NOT want to capture | those packets from the wire. This is just about pcaps. | | Help, anyone? Otherwise the project is dead before it even started. | | wrl | | warlord wrote: | | Yoyo | | | | So I'm playing around with wireshark, a custom dissector, a hex editor | | and a test pcap file. The pccap file format supports a size field of 32 | | bit(though I'd prefer that to be 64 bit). | | | | When I set my packet size to > 0xffff though, I get a warning from | | wireshark that the packet is too big and can't be processed. Is there a | | way around that? I need support for packets bigger than 65535. | | | | My packet type in the pcap is "Null/Unknown" btw(my own type actually), | | and I have an example dissector for it which seems to work fine. So it's | | not a problem of ethernet or something with a 16 bit size field. Thanks | | for your help, | | | | wrl | | | | | _______________________________________________ | Wireshark-dev mailing list | Wireshark-dev@wireshark.org | http://www.wireshark.org/mailman/listinfo/wireshark-dev | _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev | _______________________________________________ | Wireshark-dev mailing list | Wireshark-dev@wireshark.org | http://www.wireshark.org/mailman/listinfo/wireshark-dev - -- dreaming in digital - living in realtime - thinking in binary - talking in IP - welcome to our world -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHgqPi9A36oltxjVQRA7xeAJ9MsB18GBITIsXxAiWoSMgnXAUXcACdGn6V pPNPiyLp71GbCjr4A1WGNYA= =oT6G -----END PGP SIGNATURE----- _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
