Wireshark-dev: Re: [Wireshark-dev] question regarding my wireshark dissector code.
Hi,
See change inline.
Also, what's netalivedata_handle and netalive_handle when isnetalivefilehere==NULL?
Thanx,
Jaap
Brian Oleksa wrote:
Olivier
Looking at the code below.....I was wondering why wireshark exits if the
netalive port file is not available...??
Basically....if the netalive ports file is there...then I want to
dissect netalive packets. But if the netalive ports file is NOT
there...then I want to continue to dissect other packets.
But .....what I am finding out is that if the net alive ports file is
NOT there....wireshark automatically shuts down. It doesn't even start
up correctly.
What am I missing here.....??
I am basically registering 2-3 protocols in 1 file. One protocol is my
company's basic protocol that is open to the public. But the other
"netalive" protocol is not open to the public
so those that have netalive access will be able to dissect them.
void proto_reg_handoff_netalive(void) {
static gboolean isinitialized = FALSE;
gboolean isnetalivefilehere = TRUE;
int netaliveportnumber;
FILE *fpnetalive;
#if defined(_WIN32)
fpnetalive = fopen("netaliveport.txt", "r");
#else
fpnetalive = fopen("netaliveport", "r");
#endif
if (fpnetalive == NULL) {
isnetalivefilehere = FALSE;
}
//if netalive ports file is there....then go into this loop.
//if it is not there then just continue using wireshark
if(isnetalivefilehere)
{
while (fscanf(fpnetalive, "%d\n", &netaliveportnumber) != EOF) {
printf("Net Alive Port number = %d\n", netaliveportnumber);
if (!isinitialized) {
netalivedata_handle = find_dissector("data");
netalive_handle = create_dissector_handle(dissect_netalive,
proto_netalive);
>+ }
printf("I am here 1\n");
//This line read the port number from the file.
dissector_add("udp.port", netaliveportnumber, netalive_handle);
- }
}
>+ fclose(fpnetalive);
}
- fclose(fpnetalive);
+ isinitialized = TRUE;
}
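Review bot: the read loop `while (fscanf(fpnetalive, "%d\n", &netaliveportnumber) != EOF)` only ends at end of file, so a line in the ports file that is not a number makes `fscanf` return 0 without consuming it and the loop spins forever at startup. Compare against `== 1` instead, and reject values outside 1 to 65535 before they reach `dissector_add("udp.port", ...)`. Moving `fclose(fpnetalive)` inside `if(isnetalivefilehere)` is the right fix for the exit on a missing file, since the old placement called `fclose` on a NULL pointer. The new `isinitialized = TRUE;` sits outside that block, though. If the file is absent on the first call the handles are never created, and a later call that does find the file skips `if (!isinitialized)` and passes an unset `netalive_handle` to `dissector_add`. Within one call the flag also stays FALSE for the whole loop, so `create_dissector_handle` runs once per port line. Creating both handles once before the loop, and setting the flag only after they exist, covers both cases.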
Thanks,
Brian
wsgd wrote:
netalive_sub_item is not initialized
Olivier
Brian Oleksa wrote:
@Wiresharkers
I have created this helen dissector. It has been running great ever
since then.
I have some NON-helen packets that I want to dissect. Instead of
writing another dissector, I added it to the packet-helen.c code.
As you can see at the top of this file I call a new procedure called:
void proto_reg_handoff_netalive(void)
Which works great and reads in the port # from the file correctly.
I even get into the void dissect_netalive(tvbuff_t *tvb,
packet_info *pinfo, proto_tree *tree) procedure with no problems:
But I am not dissecting anything. The only thing that I get in the
wireshark GUI is the word "NETALIVE".
Why am I not seeing the dissection tree under the NETALIVE protocol....??
Basically.......all I did was I mirrored the helen protocol....it
compiles fine but I do not see my packets being dissected.
Any thoughts or suggestions...? The latest code is attached.
Thank you very much for your help.
It is greatly appreciated.
Brian