Wireshark mailing list archives
Re: How to save the stream data for a special protocol
From: Stephen Fisher <steve () stephen-fisher com>
Date: Fri, 27 Jul 2012 09:33:35 -0600
---- On Fri, 27 Jul 2012 02:51:02 -0600 qiang.huang<qiang.huang () symbio com> wrote ----
It's no problem for us to write a "dissector Plugin" to dissect one or more packets for a special protocol. But we find that it's nearly impossible to use it to save its stream data for its serials of packets without repeating. As long as a user refreshes or clicks the wireshark's packet tree for some detailed informations, the dissector function will be called again.
The best solution would be to make another way to export the data in the fashion that the File -> Export Objects works (see ui/gtk/export_object.c and ui/gtk/export_object_http.c and epan/dissectors/packet-http.c for an example). If you need to do it only from the dissector, you can use the PINFO_FD_VISITED(pinfo) macro (which checks the pinfo->fd->flags.visited variable) to see if that packet was already dissected by Wireshark and only export if that variable is false. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- How to save the stream data for a special protocol qiang.huang (Jul 27)
- Re: How to save the stream data for a special protocol Stephen Fisher (Jul 27)