Re: Doubts_in_writting_dissector

[Stephen Fisher <steve () stephen-fisher com>]

On Dec 17, 2009, at 12:41 AM, nikhil tripathi wrote:

> 1:Why the global_port_number is important and how wiresahrk use thi?

What are you referring to?  I can't find a variable named  
global_port_number anywhere in Wireshark.

> 2:How wireshark choose protocol to dissect the cpaturing data?

See answer to question #3 below.

> 3.How we write new plugin when we don't know the port number can we  
> wirte plugin ?

You can still write the plug-in.  It can be written as a heuristic  
(something that checks each packet for a certain pattern of data and  
then alerts Wireshark when that packet matches the dissector) - read  
doc/README.heuristic for more details.  You can also register a  
protocol by name, but no port numbers, and choose it from the "Decode  
As" menu option.


Steve

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe