So why do a plugin? Just write a normal new dissector.
Regardless, the doc to read is this: doc/README.dissector
That explains a lot, in detail; and of course you should also look at some
existing packet-* files in epan/dissectors. For UDP, packet-stun.c or
packet-ntp.c are relatively small ones.
On Mar 12, 2014, at 1:48 AM, Nilesh Nayak <nileshnayk4 () gmail com> wrote:
So, basically I want to build a basic Wireshark dissector and try to
capture the packets using my own customised protocol name.
Example: I have a protocol of my own, let's name it as "foo" protocol.
Now, I want to create a dissector for it like packet-<protocolname>.c and
packet-<protocolname>.h as source header files.
Underlying the protocol, I am capturing UDP packets. But if I set the
capture filter as "foo", then I should be able to capture "foo" packets.
Could you please send me some good tutorials over the same?
I have already read the README.developer and README.plugins docs.
And yes, I am adding a new protocol dissector in the Wireshark source
code itself and then building the environment and compiling.
Thanks and Regards,
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>