Hi Armando,

By creating a new workspace I meant deleting the first one completely and taking the new one and implementing the changes again. In the meantime, can you post the code?

2012/3/5 Armando Vázquez <avr...@gmail.com>

> I did so by using this function:
>
> void proto_register_myprotocol(void)
> {
>     ...
>     register_dissector("MY_PROTOCOL", dissect_myprotocol, proto_my_protocol);
>
> }
>
> Armando Vázquez Ramírez
>
>
> On Mon, Mar 5, 2012 at 11:07 AM, Jeff Morriss <jeff.morriss...@gmail.com> wrote:
>
>> For this to work your dissector needs to be registered by name. To get
>> that it needs to call register_dissector().
>>
>> Armando Vázquez wrote:
>>
>>> Thanks ashis!
>>>
>>> When I tried this my protocol does not show up as a valid protocol, why
>>> is that? I tried using my dissector for the header protocol, but it should
>>> also dissect 2 trailer bytes, does that represent a problem? What should I
>>> put in the header size field?
>>>
>>> Besides, I've read that using the GUI and editing the DLT_User is the
>>> same as using the function dissector_add_uint(), am I right? If so, why
>>> isn't it working? Should I change something else in pcap-common.c or wtap.c or
>>> wtap.h?
>>>
>>>
>>> Armando Vázquez Ramírez
>>>
>>>
>>> On Sat, Mar 3, 2012 at 6:27 AM, ashish goel <ashish.kumar.go...@gmail.com> wrote:
>>>
>>>     Hi Armando,
>>>
>>>     There is a way you can do it through wireshark GUI. Go to preferences
>>>     -> protocols -> DLT_User. Here click on edit and add your protocol
>>>     on any of the User DLTs (147 - 162). But make sure that the pcap
>>>     file you are using must have defined the same DLT value in its
>>>     global header.
>>>
>>>     Hope this helps.
>>>
>>>     Thanks,
>>>     Ashish
>>>
>>>     2012/3/2 Armando Vázquez <avr...@gmail.com>
>>>
>>>         Hi guys,
>>>
>>>         I've read the developers guide, README.developer, wiretap plugin
>>>         wiki and found no answer. Here is my problem. I'm trying to use
>>>         Wireshark for dissecting a pcap capture of a protocol that is
>>>         not currently defined in wireshark. So I started writing a
>>>         plugin, but I haven't been able to declare or register this
>>>         dissector so it is enabled as a link layer dissector. I need to
>>>         achieve this because this is not an internet protocol, so I need
>>>         to identify it in this layer.
>>>
>>>         I've already read this dev-topic
>>>         (http://www.mail-archive.com/wireshark-dev@wireshark.org/msg05931.html)
>>>         but I didn't understand it well.
>>>
>>>         The dissection part works fine, I've tested it using a pcap and
>>>         nesting it on top of TCP. I would really appreciate your help.
>>>         Also I've added in wtap.h
>>>
>>>         #define WTAP_ENCAP_MYPROTOCOL 147
>>>
>>>         and in wtap.c
>>>
>>>         static struct encap_type_info encap_table_base[] = {
>>>             ...
>>>             { "RESERVED 138", "res0" },
>>>             { "RESERVED 139", "res1" },
>>>             { "RESERVED 140", "res2" },
>>>             { "RESERVED 141", "res3" },
>>>             { "RESERVED 142", "res4" },
>>>             { "RESERVED 143", "res5" },
>>>             { "RESERVED 144", "res6" },
>>>             { "RESERVED 145", "res7" },
>>>             { "RESERVED 146", "res8" },
>>>
>>>             /* WTAP_ENCAP_MYPROTOCOL */
>>>             { "MY PROTOCOL", "myprotocol" }
>>>         };
>>>
>>>         Here are the register and handoff sections of my code
>>>
>>>         ------------------------------------------------------------
>>>         void proto_register_myprotocol (void)
>>>         {
>>>             ...
>>>
>>>             myprotocol_dissector_table =
>>>                 register_dissector_table("myprotocol.proto", "ACN protocol number",
>>>                                          FT_UINT8, BASE_HEX);
>>>             proto_register_field_array (proto_myprotocol, hf, array_length (hf));
>>>             proto_register_subtree_array (ett, array_length (ett));
>>>             register_dissector("myprotocol", dissect_myprotocol, proto_myprotocol);
>>>         }
>>>
>>>         void proto_reg_handoff_myprotocol(void)
>>>         {
>>>
>>>             data_handle = find_dissector("data");
>>>             myprotocol_handle = create_dissector_handle(dissect_myprotocol,
>>>                                                         proto_myprotocol);
>>>             dissector_add_uint("wtap_encap", WTAP_ENCAP_MYPROTOCOL,
>>>                                myprotocol_handle);
>>>             /* Registering this on top of TCP was only to develop the
>>>                dissection part, this won't be present in the release version */
>>>             dissector_add_uint("tcp.port", global_myprotocol_port,
>>>                                myprotocol_handle);
>>>
>>>         }
>>>

--
Thanks,
Ashish
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
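
Added example, not part of the original thread and not Wireshark code: a check of the point made above that the capture's global header must carry the same User DLT (147 - 162) that the dissector is bound to. It assumes a classic pcap file (not pcapng) and reads the raw "network" field; the function names are hypothetical and the sample header is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { DLT_USER0 = 147, DLT_USER15 = 162 }; /* User DLT range named in the thread */

/* Read a 32-bit field in the byte order the file was written in. */
static uint32_t rd32(const uint8_t *p, int big)
{
    return big ? ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3]
               : ((uint32_t)p[3] << 24) | ((uint32_t)p[2] << 16) | ((uint32_t)p[1] << 8) | p[0];
}

/* Link type from a 24-byte pcap global header; -1 if short or not a pcap magic. */
long pcap_linktype(const uint8_t *buf, size_t len)
{
    int big;
    if (buf == NULL || len < 24) return -1;
    switch (rd32(buf, 0)) {
    case 0xa1b2c3d4u: case 0xa1b23c4du: big = 0; break; /* little-endian file */
    case 0xd4c3b2a1u: case 0x4d3cb2a1u: big = 1; break; /* big-endian file */
    default: return -1;
    }
    return (long)rd32(buf + 20, big); /* "network" field at offset 20 */
}

/* 1 if the file's link type is a User DLT equal to the one configured. */
int matches_user_dlt(const uint8_t *buf, size_t len, long configured)
{
    long lt = pcap_linktype(buf, len);
    return lt >= DLT_USER0 && lt <= DLT_USER15 && lt == configured;
}

/* Constructed sample: global header of a capture with the given link type. */
void make_header(uint8_t out[24], int big, uint32_t linktype)
{
    static const uint8_t le[4] = {0xd4, 0xc3, 0xb2, 0xa1}, be[4] = {0xa1, 0xb2, 0xc3, 0xd4};
    memset(out, 0, 24);
    memcpy(out, big ? be : le, 4);
    for (int i = 0; i < 4; i++)
        out[20 + (big ? 3 - i : i)] = (uint8_t)(linktype >> (8 * i));
}

int main(void)
{
    uint8_t h[24];
    make_header(h, 1, 147); /* constructed big-endian capture, DLT 147 */
    return !matches_user_dlt(h, sizeof h, 147); /* exit 0 when they agree */
}
```

A capture whose header carries a link type outside 147 - 162, or a different User DLT than the one configured, will not be handed to the dissector registered for that value.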