Wireshark-dev: Re: [Wireshark-dev] question regarding my wireshark dissector code.
Jaap
Thanks for the help. I see what you did in the code. It works...!!
I started using this website help when I first started creating my own
dissector.
http://www.codeproject.com/KB/IP/custom_dissector.aspx
You will see (about half way down this page) the following code:
void proto_reg_handoff_amin(void)
{
    static gboolean initialized=FALSE;
    if (!initialized) {
        data_handle = find_dissector("data");
        amin_handle = create_dissector_handle(dissect_amin, proto_amin);
        dissector_add("tcp.port", global_amin_port, amin_handle);
    }
}
//This function is called to register our protocol. Notice how the port and dissector handle are passed
I just used this basic template and built my dissector from there.
Thanks,
Brian
Jaap Keuter wrote:
Hi,
See change inline.
Also, what's netalivedata_handle and netalive_handle when isnetalivefilehere==NULL?
Thanx,
Jaap
Brian Oleksa wrote:
Olivier
Looking at the code below.....I was wondering why wireshark exits if the
netalive port file is not available...??
Basically....if the netalive ports file is there...then I want to
dissect netalive packets. But if the netalive ports file is NOT
there...then I want to continue to dissect other packets.
But .....what I am finding out is that if the net alive ports file is
NOT there....wireshark automatically shuts down. It doesn't even start
up correctly.
What am I missing here.....??
I am basically registering 2-3 protocols in 1 file. One protocol is my
company's basic protocol that is open to the public. But the other
"netalive" protocol is not open to the public
so those that have netalive access will be able to dissect them.
void proto_reg_handoff_netalive(void) {
static gboolean isinitialized = FALSE;
gboolean isnetalivefilehere = TRUE;
int netaliveportnumber;
FILE *fpnetalive;
#if defined(_WIN32)
fpnetalive = fopen("netaliveport.txt", "r");
#else
fpnetalive = fopen("netaliveport", "r");
#endif
if (fpnetalive == NULL) {
isnetalivefilehere = FALSE;
}
//if netalive ports file is there....then go into this loop.
//if it is not there then just continue using wireshark
if(isnetalivefilehere)
{
while (fscanf(fpnetalive, "%d\n", &netaliveportnumber) != EOF) {
printf("Net Alive Port number = %d\n", netaliveportnumber);
if (!isinitialized) {
netalivedata_handle = find_dissector("data");
netalive_handle = create_dissector_handle(dissect_netalive,
proto_netalive);
>+ }
printf("I am here 1\n");
//This line read the port number from the file.
dissector_add("udp.port", netaliveportnumber, netalive_handle);
- }
}
>+ fclose(fpnetalive);
}
- fclose(fpnetalive);
+ isinitialized = TRUE;
}
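Review bot: the loop condition `fscanf(fpnetalive, "%d\n", &netaliveportnumber) != EOF` is left as it was, and it does not terminate when the file holds anything that is not a number: fscanf returns 0 on a matching failure, not EOF, and leaves the offending character unread, so the same token is retried forever and dissector_add is called with whatever netaliveportnumber last held. Compare the return value against 1 and check that the port is between 1 and 65535 before registering it. Two smaller points on the added lines: `isinitialized = TRUE;` now sits outside `if(isnetalivefilehere)`, so with the file missing the flag is set although netalive_handle was never created, which is the case Jaap's question points at; and because the flag is only set after the loop, the `if (!isinitialized)` block runs again for every port line and creates a new handle each time. Setting the flag inside that block, right after create_dissector_handle, would address both. The two `printf` debug lines should also go before this ships.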
Thanks,
Brian
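Added example, not part of the thread and not Brian's or Wireshark's code: a standalone C sketch of reading the port file so that a missing file or a malformed line is skipped instead of stopping the program. The function names are hypothetical, the sample input is constructed, and in the dissector each accepted port would be passed to `dissector_add("udp.port", ...)`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Collect valid ports (1..65535), one per line, into out[]; returns how many. */
static int read_ports(FILE *fp, unsigned short *out, int max)
{
    char line[32], *end;
    int n = 0;
    while (n < max && fgets(line, sizeof line, fp) != NULL) {
        if (strchr(line, '\n') == NULL && !feof(fp)) {  /* over-long line: drain, skip */
            while (fgets(line, sizeof line, fp) && !strchr(line, '\n')) { }
            continue;
        }
        long v = strtol(line, &end, 10);  /* overflow saturates, range check rejects it */
        if (end == line || end[strspn(end, " \t\r\n")] != '\0') continue; /* not a bare number */
        if (v < 1 || v > 65535) continue;                                 /* not a UDP port */
        out[n++] = (unsigned short)v;
    }
    return n;
}

/* Returns -1 when the file is absent so the caller can carry on without it. */
static int read_ports_file(const char *path, unsigned short *out, int max)
{
    FILE *fp = fopen(path, "r");
    if (fp == NULL) return -1;          /* nothing opened, so nothing to fclose() */
    int n = read_ports(fp, out, max);
    fclose(fp);
    return n;
}

static unsigned short sample_ports[8];  /* filled by ports_in_text() */
static int ports_in_text(const char *text)  /* -2 if no temporary file is available */
{
    FILE *fp = tmpfile();
    if (fp == NULL) return -2;
    fputs(text, fp);
    rewind(fp);
    int n = read_ports(fp, sample_ports, 8);
    fclose(fp);
    return n;
}

int main(void)
{
    int n = ports_in_text("5000\nabc\n70000\n5001\n");   /* constructed input */
    for (int i = 0; i < n; i++) printf("udp.port %u\n", (unsigned)sample_ports[i]);
    return read_ports_file("no-such-netaliveport", sample_ports, 8) == -1 ? 0 : 1;
}
```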
wsgd wrote:
netalive_sub_item is not initialized
Olivier
Brian Oleksa wrote:
@Wiresharkers
I have created this helen dissector. It has been running great ever
since then.
I have some NON-helen packets that I want to dissect. Instead of
writing another dissector, I added it to the packet-helen.c code.
As you can see at the top of this file I call a new procedure called:
void proto_reg_handoff_netalive(void)
Which works great and reads in the port # from the file correctly.
I even get into the void dissect_netalive(tvbuff_t *tvb,
packet_info *pinfo, proto_tree *tree) procedure with no problems:
But I am not dissecting anything. The only thing that I get in the
wireshark GUI is the word "NETALIVE".
Why am I not seeing the dissection tree under the NETALIVE protocol....??
Basically.......all I did was I mirrored the helen protocol....it
compiles fine but I do not see my packets being dissected.
Any thoughts or suggestions...? The latest code is attached.
Thank you very much for your help.
It is greatly appreciated.
Brian