Wireshark mailing list archives
Re: Need help with dissector
From: Anders Broman <anders.broman () ericsson com>
Date: Mon, 19 May 2014 15:07:18 +0000
-----Original Message----- From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Yan Burman Sent: den 19 maj 2014 15:51 To: wireshark-dev () wireshark org Subject: [Wireshark-dev] Need help with dissector Hi, I am trying to write a dissector for iSER (iSCSI extenstions for RDMA). I need to be able to at least do "decode as" iser for data in a certain connection. I started by writing a simple skeleton based on wireshark documentation, and I see the plugin I compiled in the info page when starting wireshark. The problem is that I do not see it in the "decode as" list. (I don't see iSCSI as well). Please tell me what am I doing wrong (or at least point me at the relevant documentation for that? My code is extremely simple at this point: #include "config.h" #include <epan/packet.h> static int proto_iser = -1; static void dissect_iser(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "iSER"); /* Clear out stuff in the info column */ col_clear(pinfo->cinfo, COL_INFO); } void proto_reg_handoff_iser(void) { static dissector_handle_t iser_handle; iser_handle = create_dissector_handle(dissect_iser, proto_iser); } void proto_register_iser(void) { proto_iser = proto_register_protocol ( "iSCSI Extensions for RDMA", /* name */ "iSER", /* short name */ "iser" /* abbrev */ ); } Thanks a lot, Yan You need to arrange that your dissector gets called somehow. The iscsi dissector does: void proto_reg_handoff_iscsi(void) { heur_dissector_add("tcp", dissect_iscsi_heur, proto_iscsi); iscsi_handle = new_create_dissector_handle(dissect_iscsi_handle, proto_iscsi); dissector_add_handle("tcp.port", iscsi_handle); } If your dissector is replacing the iscsi dissector you should probably add dissector_add_handle("tcp.port", iscsi_handle); to be able to do "decode as" otherwise you have to modify the iscsi dissector to call your dissector for the extensions. Regards Anders ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Need help with dissector Yan Burman (May 19)
- Re: Need help with dissector Anders Broman (May 19)