Wireshark mailing list archives
Re: Doubts_in_writting_dissector
From: Stephen Fisher <steve () stephen-fisher com>
Date: Thu, 17 Dec 2009 02:36:59 -0700
On Dec 17, 2009, at 12:41 AM, nikhil tripathi wrote:
1:Why the global_port_number is important and how wiresahrk use thi?
What are you referring to? I can't find a variable named global_port_number anywhere in Wireshark.
2:How wireshark choose protocol to dissect the cpaturing data?
See answer to question #3 below.
3.How we write new plugin when we don't know the port number can we wirte plugin ?
You can still write the plug-in. It can be written as a heuristic (something that checks each packet for a certain pattern of data and then alerts Wireshark when that packet matches the dissector) - read doc/README.heuristic for more details. You can also register a protocol by name, but no port numbers, and choose it from the "Decode As" menu option. Steve ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Doubts_in_writting_dissector nikhil tripathi (Dec 16)
- Re: Doubts_in_writting_dissector Stephen Fisher (Dec 17)