|Main Archive Page > Month Archives > wireshark-dev archives|
I am trying to dissect plug-ins in Wireshark independently without its
For example, if my plug-In is sitting in the following way
UDP or SCTP
This is the usual way how Wireshark decodes my plug-in, now I tried to
decode my plug-in directly without its stack and succeeded by
Defining My-plug-in as DLT=147 in Wireshark -> Preferences -> DLT_USER
-> Edit window and also making some code changes in my-plug-in.
But, when I try to decode more than one my-plug-ins, with same DLT
(DLT=147), I couldn't able decode multiple plug-ins like that, but I can
able to define them under same DLT.
Is It that one pcap file only supports only one DLT? If yes what is the
best way to meet my requirement? I want to decode multiple plug-ins in
the same pcap file (without decoding the plug-ins complete stack)
Please do not print this email unless it is absolutely necessary.
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
Sent via: Wireshark-dev mailing list <email@example.com>