Hi All,
Sorry if this ques sounds stupid...but i have very little idea about how wireshark works.
I am looking at writing a dissector for a particular file i have. This file contains certain messages, which we are interested in showing on the Wireshark GUI.
Can i write a dissector if we have information about only one protocol? That means, in the protocol tree only one protocol shows up? If yes, how will Wireshark know when to call my dissector?
We are only interested in Statics->Flow graph, so one protocol coming up in the pretocol tree is fine.
Also, how are the source , destination fields populated in the first pane.
What is needed on my part so that this file shows up correctly on Wireshark? I know that i will have to write a dissector so that wireshark understands the format of my protocol. Please do correct me if i am wrong.
Any kinda help on this is most welcome!
Thanks in advance!
--
Regards,
Priyanka