Hi Armando,
By creating a new workspace I meant deleting the first one completely and
taking the new one and implementing the changes again.
In the mean time can you post the code.
2012/3/5 Armando Vázquez <avr...@gmail.com>
> I did so by using this function:
>
> void proto_register_myprotocol(void)
> {
> ...
> register_dissector("MY_PROTOCOL", dissect_myprotocol, proto_my_protocol);
>
> }
>
> Armando Vázquez Ramírez
>
>
>
> On Mon, Mar 5, 2012 at 11:07 AM, Jeff Morriss
> <jeff.morriss...@gmail.com>wrote:
>
>> For this to work your dissector needs to be registered by name. To get
>> that it needs to call register_dissector().
>>
>> Armando Vázquez wrote:
>>
>>> Thanks ashis!
>>>
>>> When I tried this my protocol does not show up as a valid protocol, why
>>> is that? I tried using my dissector for the header protocol, but it should
>>> also disscet 2 trailer bytes, does that represent a problem ? What should I
>>> put in the header size field?
>>>
>>> Besides, I've read that using the GUI and editing the DLT_User is the
>>> same as using the function dissector_add_uint(), am I right? If so, why
>>> isn't working? should I change something else in pcap-common.c or wtap.c or
>>> wtap.h?
>>>
>>>
>>> Armando Vázquez Ramírez
>>>
>>>
>>> On Sat, Mar 3, 2012 at 6:27 AM, ashish goel <
>>> ashish.kumar.go...@gmail.com
>>> <mailto:ashish.kumar.goel1@**gmail.com<ashish.kumar.go...@gmail.com>>>
>>> wrote:
>>>
>>> Hi Armando,
>>>
>>> The is a way you can do it through wireshark GUI. Go to preferences
>>> -> protocols -> DLT_User. Here click on edit and add your protocol
>>> on any of the User DLTs(147 - 162). But make sure that that the pcap
>>> file you are using must have defined the same DLT value in its
>>> global header.
>>>
>>> Hope this helps.
>>>
>>> Thanks,
>>> Ashish
>>> 2012/3/2 Armando Vázquez <avr...@gmail.com <mailto:avr...@gmail.com>>
>>>
>>>
>>> Hi guys,
>>>
>>> I've read the developers guide, README.developer, wiretap plugin
>>> wiki and found no answer. Here is my problem. I'm trying to use
>>> Wireshark for dissecting a pcap capture of a protocol that it's
>>> not currently defined in wireshark. So I started writing a
>>> plugin, but I haven't been able to declare or register this
>>> dissector so it is enabled as a link layer dissector. I need to
>>> achieve this because this is not a internet protocol, so I need
>>> to identify it in this layer.
>>>
>>> I've already read this dev-topic
>>> (http://www.mail-archive.com/**wireshark-dev@wireshark.org/**
>>> msg05931.html<http://www.mail-archive.com/wireshark-dev@wireshark.org/msg05931.html>
>>> )
>>> but I didn't understand it well.
>>>
>>> The dissection part works fine, I've tested it using a pcap and
>>> nesting it on top of TCP. I would really appreciate your help.
>>> Also I've added in wtap.h
>>>
>>> #define WTAP_ENCAP_MYPROTOCOL 147
>>>
>>> and in wtap.c
>>>
>>> static struct encap_type_info encap_table_base[] = {
>>> ...
>>> { "RESERVED 138", "res0" },
>>> { "RESERVED 139", "res1" },
>>> { "RESERVED 140", "res2" },
>>> { "RESERVED 141", "res3" },
>>> { "RESERVED 142", "res4" },
>>> { "RESERVED 143", "res5" },
>>> { "RESERVED 144", "res6" },
>>> { "RESERVED 145", "res7" },
>>> { "RESERVED 146", "res8" },
>>>
>>> /* WTAP_ENCAP_MYPROTOCOL*/
>>> { "MY PROTOCOL, "myprotocol" }
>>> };
>>>
>>> Here are the register and handoff sections of my code
>>>
>>> ------------------------------**------------------------------**
>>> ----------------------
>>> void proto_register_myprotocol (void)
>>> {
>>> ...
>>>
>>> myprotocol_dissector_table =
>>> register_dissector_table("**myprotocol.proto","ACN protocol
>>> number", FT_UINT8, BASE_HEX);
>>> proto_register_field_array (proto_myprotocol, hf, array_length
>>> (hf));
>>> proto_register_subtree_array (ett, array_length (ett));
>>> register_dissector("**myprotocol", dissect_myprotocol,
>>> proto_myprotocol);
>>> }
>>>
>>> void proto_reg_handoff_myprotocol(**void)
>>> {
>>>
>>> data_handle = find_dissector("data");
>>> myprotocol_handle = create_dissector_handle(**dissect_myprotocol,
>>> proto_myprotocol);
>>> dissector_add_uint("wtap_**encap", WTAP_ENCAP_MYPROTOCOL,
>>> myprotocol_handle);
>>> dissector_add_uint("tcp.port",
>>> global_myprotocol_port, myprotocol_handle); // Registering this
>>> on top of TCP was only to develop the dissection part, this
>>> won't be present in the release version
>>>
>>>
>>> }
>>>
>> ______________________________**______________________________**
>> _______________
>> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
>> Archives:
>> http://www.wireshark.org/**lists/wireshark-dev<http://www.wireshark.org/lists/wireshark-dev>
>> Unsubscribe:
>> https://wireshark.org/mailman/**options/wireshark-dev<https://wireshark.org/mailman/options/wireshark-dev>
>>
>> mailto:wireshark-dev-request@**wireshark.org<wireshark-dev-requ...@wireshark.org>
>> ?subject=**unsubscribe
>>
>
>
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
>
--
Thanks,
Ashish
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
