Wireshark-dev: Re: [Wireshark-dev] Protocol Col / Info col error

From: vinayak kamath <vins.sunysb@xxxxxxxxx>
Date: Tue, 31 Mar 2009 10:45:10 -0700
Hi Steve,
Here's more of the dissector's code.
This code works fine for Wireshark 0.99.5 on Linux or Wireshark 1.0.0 on Windows.
But Wireshark 1.0.6 doesn't display the protocol/info item. ABC is the protocol name...
##################################################################################
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <getopt.h>

#include <gmodule.h>
#include <epan/prefs.h>
#include <epan/packet.h>
#include <epan/dissectors/packet-tcp.h>

/* forward reference */
void proto_register_abc(void);
void proto_reg_handoff_abc(void);

/* Define version if we are not building Wireshark statically */

#ifndef ENABLE_STATIC
G_MODULE_EXPORT const gchar version[] = "0.0";
#endif

/* globals for this file */
static int proto_abc = -1;
static const guint8  ABCDECODE_ABC_HEADER_LENGTH =18;

#ifndef ENABLE_STATIC
G_MODULE_EXPORT void plugin_register(void)
{
   /* register the new protocol, protocol fields, and subtrees */
   if (proto_abc == -1) { /* execute protocol initialization only once */
      proto_register_abc();
   }
}

G_MODULE_EXPORT void plugin_reg_handoff(void){
   proto_reg_handoff_abc();
}
#endif


static  int ett_abc = -1;
  /* Setup protocol subtree array */
static int *ett[] = {&ett_abc };


guint32 dissect_abc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
  guchar  *msgName;
  guint32 numBits=0, msgId;
  const guint8 versionField =13;

  guint iDataLen; /* length of packet */


   /* Clear out stuff in the info column */
  if (check_col(pinfo->cinfo,COL_INFO))
  {
    col_clear(pinfo->cinfo,COL_INFO);
  }

  iDataLen = tvb_length(tvb); /* get length of packet */

  if ( IsABCMessage(tvb, iDataLen)) /* check if it is an ABC message */
  {
    if (check_col(pinfo->cinfo,COL_PROTOCOL))  // #######This is NULL, as a result it doesn't enter the if condition
    {
      col_set_str(pinfo->cinfo,COL_PROTOCOL, "ABC");
    }

    msgId = GetMessageId(tvb);
    msgName = (guchar *)match_strval(msgId, abcMessageType_value_string_table);

    if(msgName) /* valid abc message */
    {
      if (check_col(pinfo->cinfo, COL_INFO)) // #######This is NULL, as a result it doesn't enter the if condition
      {
        col_add_fstr(pinfo->cinfo, COL_INFO,"ABC: %s", msgName);
      }
      if (tree)
      { /* we are being asked for details */
        proto_item *ti;
       abcMessage abcMsg;

        abcMsg.msgId = msgId;
        abcMsg.version = tvb_get_guint8(tvb, versionField);

        ti = proto_tree_add_item(tree, proto_abc, tvb, 0, -1, FALSE);


        tree = proto_item_add_subtree(ti, ett_abc);

        numBits = abcMessage_dissect(&abcMsg,proto_abc, tvb, 0, pinfo, tree);
      }
    }

     else  // not a valid msg id
    {
      if (check_col(pinfo->cinfo, COL_INFO))
      {
        col_add_fstr(pinfo->cinfo, COL_INFO, "ABC: Invalid Message Id (%u)", msgId);
      }
    }
  }
  else //Not an ABC message
  {
    if (check_col(pinfo->cinfo, COL_INFO))
    {
      col_set_str(pinfo->cinfo, COL_INFO, "ABC: Not a ABC message");
    }
  }
  return numBits; /*in case of err, 0 is returned */
}
##################################################################################   




thanks
vinayak






On Mon, Mar 30, 2009 at 8:58 PM, Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> wrote:
On Mon, Mar 30, 2009 at 05:44:26PM -0700, vinayak kamath wrote:

> I am using Wireshark 1.0.6 on RHEL 4 Linux (built from source
> code)... I have added my own dissector. I am able to decode the
> messages correctly. But the Protocol & Info column on the GUI doesn't show
> the right value.
>
> Is this a known thing ???

No.

> Here's a code snippet for the dissector

> In both these cases it never enters the if condition as a result of
> which the protocol/Info item never gets set to the required value.

Would you mind sending more or all of the dissector's code if it is not
too big?


Steve
