Wireshark · Wireshark-users: Re: [Wireshark-users] How do I go about creating a custompacket data decode

Wireshark-users: Re: [Wireshark-users] How do I go about creating a custompacket data decode

From: Gerald Combs <gerald@xxxxxxxxxxxxx>

Date: Wed, 21 Nov 2007 12:32:26 -0800

Owens, Neil wrote:
> Steve
> 
> It's for all UDP traffic on a specific port.  I'm currently on Windows
> XP, but if a flavour of Linux makes it easier, then so be it.

In that case, you'd probably want to make a copy of the packet data, XOR it, and
add the XORed data as a new data source for the packet.  The function
tacplus_decrypted_tvb_setup() in packet-tacacs.c provides a pretty good (and
well-commented) example of this.

Follow-Ups:
- Re: [Wireshark-users] How do I go about creating custom packet data decode
  - From: Owens, Neil

References:
- [Wireshark-users] How do I go about creating a custom packet data decode
  - From: Owens, Neil
- Re: [Wireshark-users] How do I go about creating a custom packet data decode
  - From: Stephen Fisher
- Re: [Wireshark-users] How do I go about creating a custompacket data decode
  - From: Owens, Neil

Prev by Date: [Wireshark-users] Bluetooth card driver
Next by Date: Re: [Wireshark-users] How do I go about creating a custom packet data decode
Previous by thread: Re: [Wireshark-users] How do I go about creating a custompacket data decode
Next by thread: Re: [Wireshark-users] How do I go about creating custom packet data decode
Index(es):
- Date
- Thread