Wireshark-dev: [Wireshark-dev] add a new format to wiretap
From: "SOLTANI FATEN" <Faten.Soltani@xxxxxxxxxxxxxxxxxx>
Date: Wed, 6 May 2009 17:00:19 +0200
Hi,

Can someone tell me how I can add a new file format to wiretap? Here are samples of the file that I want to add:

Regards
Faten

Block 04 - ISUP_NF - A01 - normal call with calling party on-hooking first without charge
Block 05 - ISUP_NF - A01 - normal call with calling party on-hooking first without charge

LINK ALIGNMENT IN PROGRESS
NETWORK STABILIZATION IN PROGRESS
Effective traffic start-up on 17/02/2009 at 10:47:23
=> #0001 - 10:47:23 CF21 CIC:0512 FSCA: 05 TYAP:12 STATE:00 CAUSE:00
=> #0002 - 10:47:23 CF01 CIC:0512 FSCD: 04 TYAP:10 STATE:01 LIB X'0C' CAUSE:01
Effective traffic shutdown on 17/02/2009 at 10:47:23

BLOC = 04
W01 = 0x00000000 W05 = 0x00000000 W09 = 0x00000000 W13 = 0x00000000
W02 = 0x00000000 W06 = 0x00000000 W10 = 0x00000000 W14 = 0x00000000
W03 = 0x00000000 W07 = 0x00000000 W11 = 0x00000000 W15 = 0x00000000
W04 = 0x00000000 W08 = 0x00000000 W12 = 0x00000000 W16 = 0x00000000
W65 = 0x00000000 W69 = 0x00000000 W73 = 0x00000000 W77 = 0x00000000
W66 = 0x00000000 W70 = 0x00000000 W74 = 0x00000000 W78 = 0x00000000
W67 = 0x00000000 W71 = 0x00000000 W75 = 0x00000000 W79 = 0x00000000
W68 = 0x00000000 W72 = 0x00000000 W76 = 0x00000000 W80 = 0x00000000

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On behalf of wireshark-dev-request@xxxxxxxxxxxxx
Sent: Wednesday, 6 May 2009 16:12
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Wireshark-dev Digest, Vol 36, Issue 11

Send Wireshark-dev mailing list submissions to
        wireshark-dev@xxxxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
        https://wireshark.org/mailman/listinfo/wireshark-dev
or, via email, send a message with subject or body 'help' to
        wireshark-dev-request@xxxxxxxxxxxxx

You can reach the person managing the list at
        wireshark-dev-owner@xxxxxxxxxxxxx

When replying, please edit your Subject line so it is more specific than "Re: Contents of Wireshark-dev digest..."

Today's Topics:

   1. Re: Add restrictions to arguments of dumpcap (Jaap Keuter)
   2. Re: gcrypt error on windows XP (Anders Broman)
   3. Status of PDML output (Seth Webster)

----------------------------------------------------------------------

Message: 1
Date: Wed, 6 May 2009 13:16:47 +0200
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Subject: Re: [Wireshark-dev] Add restrictions to arguments of dumpcap
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <953C7CD4-A6C5-4C50-B900-48484F16816D@xxxxxxxxx>
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes

Hi Michael,

I don't see a problem with these options. Since this is a somewhat 'internal' interface (only powerusers are likely to use it directly) I think this has to be as versatile as possible.

Thanx,
Jaap

Sent from my iPhone

On 6 May 2009, at 10:46, Michael Tüxen <Michael.Tuexen@xxxxxxxxxxxxxxxxx> wrote:

> Dear all,
>
> I'm implementing the support of simultaneously
> capturing from multiple interfaces in dumpcap.
> The first step, the support of writing in pcapng is done.
>
> Now I need to be able to specify multiple interfaces
> on the command line and also provide interface
> specific options. I think something like
>
> dumpcap -n -i lo0 -f udp -s 100 -y whatever -i en0 -s 0 -f sctp -y whatever
>
> should be possible. So I would like to require that you
> need to specify the -i options before -f, -s, and -y.
> The values specified by -f, -s, and -y only apply to
> the interface specified before using the -i option.
> It is also required to specify -n for using pcapng.
>
> What do you think? Is this acceptable?
>
> Or would you prefer to have only one capture filter
> and snap length for all interfaces? Having the same
> link-type makes no sense.
>
> I also would like to have either
> one pipe
> or a single or multiple interfaces.
> But I think that is not a problem.
>
> Best regards
> Michael
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

------------------------------

Message: 2
Date: Wed, 6 May 2009 13:42:22 +0200
From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] gcrypt error on windows XP
To: "Developer support list for Wireshark" <wireshark-dev@xxxxxxxxxxxxx>
Message-ID: <E48F3A0F80C4B642BF6A5FF3257DFBB906A18D67@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"

Hi,

I would try to build Wireshark without any custom stuff first. If that works you'd know that a failure is due to your changes.

Regards
Anders

________________________________

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Yan, Patrick (NSN - CN/Beijing)
Sent: 6 May 2009 12:50
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] gcrypt error on windows XP

Hi,

The problem is resolved but I'm not sure it's right or not. The problem is caused by Windows not having ssize_t. Adding

#define ssize_t long

and

#define pid_t long

in gcrypt.h can stop this nmake error.

I continued the make, and a new problem happened.

        0 File(s) copied
xcopy ".\plugins\wimax\wimax.dll" wireshark-gtk2\plugins\1.0.7CLI /d
        0 File(s) copied
xcopy ".\plugins\wimaxasncp\wimaxasncp.dll" wireshark-gtk2\plugins\1.0.7CLI /d
        0 File(s) copied
if exist custom-install.bat custom-install wireshark-gtk2 1.0.7CLI
copy wireshark-gtk2.exe wireshark-gtk2\wireshark.exe
        1 file(s) copied.
if exist wireshark-gtk2.pdb copy wireshark-gtk2.pdb wireshark-gtk2\wireshark.pdb
        1 file(s) copied.
if exist ".\docbook\user-guide.chm" xcopy ".\docbook\user-guide.chm" wireshark-gtk2 /d
wireshark-gtk2\tshark.exe -G | perl doc\dfilter2pod.pl doc\wireshark-filter.pod.template > doc\wireshark-filter.pod

After this, Windows pops up a "tshark.exe-Application Error" dialogue window, reporting some memory error. Please check the attached screen output. No matter whether I choose "OK" or "Cancel", the nmake will continue. After that, there are no more errors.

When I run wireshark.exe in the wireshark-gtk2 directory, another "wireshark.exe-Application Error" dialogue window comes up.

Do you know how to resolve this problem?

Thanks.

Br-Patrick

________________________________

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of ext Yan, Patrick (NSN - CN/Beijing)
Sent: Tuesday, May 05, 2009 1:36 PM
To: Developer support list for Wireshark
Subject: [Wireshark-dev] gcrypt error on windows XP

Hi again,

OS is Windows XP, wireshark source code is the last version of wireshark-1.0.7.

Checking for required applications:
        cl: /cygdrive/c/Program Files/Microsoft Visual Studio 9.0/VC/BIN/cl
        link: /cygdrive/c/Program Files/Microsoft Visual Studio 9.0/VC/BIN/link
        nmake: /cygdrive/c/Program Files/Microsoft Visual Studio 9.0/VC/BIN/nmake
        bash: /usr/bin/bash
        bison: /usr/bin/bison
        flex: /usr/bin/flex
        env: /usr/bin/env
        grep: /usr/bin/grep
        /usr/bin/find: /usr/bin/find
        perl: /usr/bin/perl
        C:\Python26\python.exe: /cygdrive/c/Python26/python.exe
        sed: /usr/bin/sed
        unzip: /usr/bin/unzip
        wget: /usr/bin/wget

I want to add 3 new dissectors; the coding is finished. I used python 2.6 to create the C file:

python ../../tools/asn2wrs.py -b -e -L -p chlipx1 -c chlipx1.cnf -s packet-chlipx1-template chlipx1.asn

After that, I copied packet-chlipx1.c and packet-chlipx1.h to /epan/dissectors.

During make, I met some problems. Can anyone help to resolve this problem? Thanks.
nmake -f Makefile.nmake all

Output:

packet-chlipx1.c
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(206) : error C2061: syntax error : identifier 'ssize_t'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(210) : error C2373: 'select' : redefinition; different type modifiers
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1863) : see declaration of 'select'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2146: syntax error : missing ')' before identifier 'pid'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2061: syntax error : identifier 'pid'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ';'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ','
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(212) : error C2365: 'accept' : redefinition; previous definition was 'function'
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1523) : see declaration of 'accept'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(213) : error C2365: 'connect' : redefinition; previous definition was 'function'
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1582) : see declaration of 'connect'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(225) : error C2059: syntax error : '}'
packet-chlipx2.c
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(206) : error C2061: syntax error : identifier 'ssize_t'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(207) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(209) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(210) : error C2373: 'select' : redefinition; different type modifiers
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1863) : see declaration of 'select'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2143: syntax error : missing ')' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2143: syntax error : missing '{' before '*'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2146: syntax error : missing ')' before identifier 'pid'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2061: syntax error : identifier 'pid'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ';'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ','
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(211) : error C2059: syntax error : ')'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(212) : error C2365: 'accept' : redefinition; previous definition was 'function'
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1523) : see declaration of 'accept'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(213) : error C2365: 'connect' : redefinition; previous definition was 'function'
        C:\Program Files\Microsoft SDKs\Windows\v6.0A\include\winsock2.h(1582) : see declaration of 'connect'
C:\wireshark-libs-1.0\gnutls-2.6.3-1\include\gcrypt.h(225) : error C2059: syntax error : '}'
packet-chlipx3.c
Generating Code...

Best Regards
Patrick

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wireshark.org/lists/wireshark-dev/attachments/20090506/0cfba158/attachment.htm

------------------------------

Message: 3
Date: Tue, 5 May 2009 16:55:36 -0400
From: Seth Webster <swebster@xxxxxxxxxx>
Subject: [Wireshark-dev] Status of PDML output
To: wireshark-dev@xxxxxxxxxxxxx
Message-ID: <F03B1A3B-9A6C-415B-BF12-0CEDA01C4FC0@xxxxxxxxxx>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes

Hi,

I am considering using the PDML output from tshark as input to a system we are developing, but I am trying to find out how much it is expected to change over the next year or so. I saw in the Wireshark docs the statement:

"The PDML specification is not officially released and Wireshark's implementation of it is still in an early beta state, so please expect changes in future Wireshark versions."

Does anyone have a sense for how much the PDML standard is likely to change and very approximately what the timeline for it is? Is there active work on it?
I tried a bunch of web searches, but all I could find was the actual spec on nbee.org. I couldn't find any FAQs, project timelines, or even mailing lists to try and gauge how active it is.

Thanks,

Seth Webster
MIT Lincoln Laboratory
781-981-3247

------------------------------

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-dev

End of Wireshark-dev Digest, Vol 36, Issue 11
*********************************************