Wireshark · Wireshark-dev: [Wireshark-dev] protocol dissector: little endian ethernet address

Wireshark-dev: [Wireshark-dev] protocol dissector: little endian ethernet address

From: Mike Ryan <mikeryan@xxxxxxxxxxxxxxxx>

Date: Tue, 5 Feb 2013 14:07:02 -0800

I am working on a protocol dissector for Bluetooth Low Energy. The link
layer header includes ethernet addresses, but they are little-endian. Is
it possible to have Wireshark display them properly?

Here is what I have so far:

    http://sourceforge.net/p/libbtbb/code/ci/18965c19d5a3c1b495c40fb13fed71197918e643/tree/wireshark/plugins/btle/packet-btle.c#l114

The code reads:

    const guint8 *adv_addr, *init_addr;

    adv_addr = tvb_get_ptr(tvb, offset, 6);
    SET_ADDRESS(&pinfo->src, AT_ETHER, 6, adv_addr);
    init_addr = tvb_get_ptr(tvb, offset+6, 6);
    SET_ADDRESS(&pinfo->dst, AT_ETHER, 6, init_addr);

    proto_tree_add_ether(tree, hf_btle_adv_addr, tvb, offset, 6, adv_addr);
    proto_tree_add_ether(tree, hf_btle_init_addr, tvb, offset + 6, 6, init_addr);

[Please reply-all, as I am not on-list]

Attachment: signature.asc
Description: Digital signature

Prev by Date: [Wireshark-dev] extracting packet bytes to file
Next by Date: [Wireshark-dev] Rename "Filter Expressions" to "Filter Buttons"
Previous by thread: [Wireshark-dev] extracting packet bytes to file
Next by thread: [Wireshark-dev] Rename "Filter Expressions" to "Filter Buttons"
Index(es):
- Date
- Thread