|Main Archive Page > Month Archives > wireshark-dev archives|
I have a query on "User DLTs table" window on Wireshark.
My main intention is to dissect Wireshark plug-ins as independent
plug-ins (I mean with out dissecting Data Link layer (Ethernet) and IP
layers, I directly want to dissect plug-ins on top of IP layer.
I found the following webpage useful for my purpose.
In the webpage he explained on how to dissect HTTP plug-in as
independent plug-in, in the similar way I want to dissect my plug-ins.
My question here is, in Wireshark Edit --> Preferences window, on
selecting DLT_USER --> Edit, in User DLTs Table --> New window, we have
different DLT values ranging from 147 - 162, in the "Payload Protocol"
field it is accepting only some protocols (ex, HTTP, FTP, which I tried)
for User 0 (DLT=147).
If I give HTTP in that field, I can dissect HTTP layer directly without
its bottom layers. Now how can I define my plug-in names there so that I
also can also dissect my plug-ins directly? Do I have to define the
plug-in names some where in the code?
Please help in this.
Please do not print this email unless it is absolutely necessary.
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
Sent via: Wireshark-dev mailing list <firstname.lastname@example.org>