Wireshark · Wireshark-users: [Wireshark-users] Use of User DLT

Wireshark-users: [Wireshark-users] Use of User DLT

Date: Tue, 21 Jul 2009 17:44:22 +0000

Folks,

I would like to use Wireshark to decode non-network data. To do this, I have created a wireshark plugin. Here are some snippets of the plugin:

void proto_register_ldm(void)
{
   module_t *module;
   if (proto_ldm == -1)
   {
      proto_ldm = proto_register_protocol (
         "Ldm Protocol", /* name */
         "LDM",    /* short name */
         "ldm"        /* abbrev */
      );

...
}

void proto_reg_handoff_ldm(void)
{
...

ldm_handle = create_dissector_handle(dissect_ldm, proto_ldm);
dissector_add(wtap_encap, WTAP_ENCAP_USER0, ldm_handle);

..}

I have also created a pcap file for the sample data I want to decode in the following manner:

od  -tx1 -v ldmData.bin | text2pcap -l 147 - ldmData.pcap

i.e. I am using DLT USER0 (to match up with plugin).

Now when I try to configure DLT User 0 in wireshark (Edit->Preferences->Protocols>DLT_USER->Edit Encapsulations Table 
and adding an entry to decode DLT 147 using the "ldm" plugin)

I get the following error "No such proto:ldm". Now I do see that the ldm dissector is successfully registered.

Any ideas on what is the issue here? Thanks,

--Mahesh

NEW mobile Hotmail. Optimized for YOUR phone. Click here.

Follow-Ups:
- Re: [Wireshark-users] [Wireshark-dev] Use of User DLT
  - From: Stig Bjørlykke
- Re: [Wireshark-users] Use of User DLT
  - From: Guy Harris
- Re: [Wireshark-users] Use of User DLT
  - From: Guy Harris

Prev by Date: Re: [Wireshark-users] filtering in non-GUI mode
Next by Date: [Wireshark-users] can't generate keyring material??
Previous by thread: Re: [Wireshark-users] OID Spec in Display Filter
Next by thread: Re: [Wireshark-users] [Wireshark-dev] Use of User DLT
Index(es):
- Date
- Thread