Wireshark-dev: Re: [Wireshark-dev] question regarding my wireshark dissector code.
From: Brian Oleksa <oleksab@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Jul 2009 13:40:36 -0400
Olivier

Looking at the code below.....I was wondering why wireshark exits if the netalive port file is not available...??

Basically....if the netalive ports file is there...then I want to dissect netalive packets. But if the netalive ports file is NOT there...then I want to continue to dissect other packets.

But .....what I am finding out is that if the net alive ports file is NOT there....wireshark automatically shuts down. It doesn't even start up correctly.

What am I missing here.....??

I am basically registering 2-3 protocols in 1 file. One protocol is my company's basic protocol that is open to the public. But the other "netalive" protocol is not open to the public, so those that have netalive access will be able to dissect them.


void proto_reg_handoff_netalive(void) {
    static gboolean isinitialized = FALSE;
    gboolean isnetalivefilehere = TRUE;
    int netaliveportnumber;

    FILE *fpnetalive;

#if defined(_WIN32)
    fpnetalive = fopen("netaliveport.txt", "r");
#else
    fpnetalive = fopen("netaliveport", "r");
#endif

    if (fpnetalive == NULL) {
        isnetalivefilehere = FALSE;
    }

    //if netalive ports file is there....then go into this loop.
    //if it is not there then just continue using wireshark
    if (isnetalivefilehere)
    {
        while (fscanf(fpnetalive, "%d\n", &netaliveportnumber) != EOF) {

            printf("Net Alive Port number = %d\n", netaliveportnumber);

            if (!isinitialized) {
                netalivedata_handle = find_dissector("data");
                netalive_handle = create_dissector_handle(dissect_netalive, proto_netalive);
                printf("I am here 1\n");
                //This line read the port number from the file.
                dissector_add("udp.port", netaliveportnumber, netalive_handle);
            }

        }
    }

    fclose(fpnetalive);

}

Thanks,
Brian



wsgd wrote:
netalive_sub_item is not initialized

Olivier

Brian Oleksa wrote:
@Wiresharkers

I have created this helen dissector. It has been running great ever since then.

I have some NON-helen packets that I want to dissect. Instead of writing another dissector, I added it to the packet-helen.c code.

As you can see at the top of this file I call a new procedure called:
void proto_reg_handoff_netalive(void)

Which works great and reads in the port # from the file correctly.

I even get into the void dissect_netalive(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) procedure with no problems:

But I am not dissecting anything. The only thing that I get in the wireshark GUI is the word "NETALIVE".

Why am I not seeing the dissection tree under the NETALIVE protocol....??

Basically.......all I did was I mirrored the helen protocol....it compiles fine but I do not see my packets being dissected.

Any thoughts or suggestions...? The latest code is attached.

Thank you very much for your help.

It is greatly appreciated.

Brian


------------------------------------------------------------------------

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
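
In the handoff routine posted at the top of this message, fclose(fpnetalive) runs even when fopen() returned NULL, and fclose(NULL) is undefined behaviour in C. The following is an added example, not code from the original post or from Wireshark: a stand-alone sketch of loading an optional port file safely, where parse_ports, load_ports and MAX_PORTS are hypothetical names and a printf stands in for the dissector_add call.

```c
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>

#define MAX_PORTS 16   /* hypothetical limit for this example */

/* Parse one port per line from an open stream. Malformed lines, trailing
 * garbage and values outside 1..65535 are skipped instead of trusted.
 * Returns the number of ports stored in out[]. */
static int parse_ports(FILE *fp, unsigned out[], int max)
{
    char line[64];
    int n = 0;

    while (n < max && fgets(line, sizeof line, fp) != NULL) {
        char *end;
        long v;

        errno = 0;
        v = strtol(line, &end, 10);
        if (end == line || errno != 0 || v < 1 || v > 65535)
            continue;                       /* not a usable UDP port */
        if (*end != '\n' && *end != '\r' && *end != '\0')
            continue;                       /* e.g. "80x" */
        out[n++] = (unsigned)v;
    }
    return n;
}

/* Optional file: a missing file means "no ports", not a fatal error.
 * fclose() is only reached with a stream that fopen() really returned. */
static int load_ports(const char *path, unsigned out[], int max)
{
    FILE *fp = fopen(path, "r");
    int n;

    if (fp == NULL)
        return 0;
    n = parse_ports(fp, out, max);
    fclose(fp);
    return n;
}

int main(void)
{
    unsigned ports[MAX_PORTS];
    int n = load_ports("netaliveport", ports, MAX_PORTS);

    for (int i = 0; i < n; i++)
        printf("would register udp.port %u\n", ports[i]);
    printf("%d port(s) loaded\n", n);
    return 0;
}
```

Reading with fgets and strtol also avoids the case where fscanf("%d") stops at a non-numeric line without consuming it and the loop never reaches EOF.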