Wireshark mailing list archives
Re: adding an encap_type_info element
From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Thu, 18 Nov 2010 09:39:20 -0500
The USER DLTs are really for temporary or experimental or at least internal-only use. If you intend to use your layer for a long time or publish it, it's quite easy to request a new DLT (by emailing the tcpdump-workers list at tcpdump.org). Just be sure that you register one instead of just using some number--number collisions from unregistered uses are a nightmare.
Lange Jan-Erik wrote:
I solved it using WTAP_ENCAP_USER0. I think a better solution would be
if I could declare a really new "link type". But I think it is going
well this way.
------------------------------------------------------------------------
*From:* wireshark-dev-bounces () wireshark org
[wireshark-dev-bounces () wireshark org] on behalf of Lange Jan-Erik
[Jan-Erik.Lange () haw-hamburg de]
*Sent:* Thursday, 18 November 2010 13:28
*To:* wireshark-dev () wireshark org
*Subject:* [Wireshark-dev] adding an encap_type_info element
Hello,
I want to dissect a packet that is not ethernet compliant. In the
following I describe the strategy to realize this.
Can you tell me where I'm wrong?
1. I have to add a new encap_type_info element to the encap_table_base[]
struct in the wtap.c file.
/* WTAP_ENCAP_MYPHYLAYER */
{ "My Phy Layer", "myphylayer" },
2. In the wtap.h file I have to add a new #define element, i.e.
#define WTAP_ENCAP_MYPHYLAYER 129
3. Now I can add the dissector:
dissector_add("myphylayer", WTAP_ENCAP_MYPHYLAYER, myprot_handle);
Is this correct in general or are there points missing?
Best regards
Jan
------------------------------------------------------------------------
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
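Added example (not part of the original thread and not Wireshark code): in a classic pcap file the DLT discussed above is stored in the last 32-bit field of the 24-byte global header, and the USER range is 147 to 162 (DLT_USER0 to DLT_USER15). The Python below reads that field and flags captures whose link type falls in the private-use range, where the meaning depends on local agreement rather than on a registration; the function names and the sample headers are constructed for illustration.

```python
import struct

# DLT_USER0..DLT_USER15 as assigned by tcpdump.org: reserved for private use.
USER_DLT_FIRST, USER_DLT_LAST = 147, 162

# Classic pcap magic numbers as seen when the first 4 bytes are read
# little-endian, mapped to the byte order used by the rest of the header.
_MAGICS = {
    0xA1B2C3D4: "<", 0xD4C3B2A1: ">",   # microsecond timestamps
    0xA1B23C4D: "<", 0x4D3CB2A1: ">",   # nanosecond timestamps
}

def build_pcap_header(linktype, byteorder="<", snaplen=65535):
    """Construct a 24-byte pcap global header (sample input for this example)."""
    # magic, version 2.4, thiszone, sigfigs, snaplen, network (link type)
    return struct.pack(byteorder + "IHHiIII",
                       0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)

def read_linktype(header):
    """Return the link-layer type from a classic pcap global header."""
    if len(header) < 24:
        raise ValueError("truncated pcap global header")
    (magic,) = struct.unpack("<I", header[:4])
    order = _MAGICS.get(magic)
    if order is None:
        raise ValueError("not a classic pcap file (pcapng or unknown magic)")
    (network,) = struct.unpack(order + "I", header[20:24])
    # Some files carry FCS information in the upper bits; this example
    # looks only at the low 16 bits, which hold the link type.
    return network & 0xFFFF

def classify(header):
    """Return (dlt, label); label is 'userN' for the private-use range."""
    dlt = read_linktype(header)
    if USER_DLT_FIRST <= dlt <= USER_DLT_LAST:
        return dlt, "user%d" % (dlt - USER_DLT_FIRST)
    return dlt, "registered-or-unknown"

if __name__ == "__main__":
    for lt in (1, 147, 162):             # constructed sample headers
        print(classify(build_pcap_header(lt)))
```

A capture labelled `userN` can only be decoded correctly by someone who knows which protocol the producer assigned to that slot, which is the collision problem the reply warns about.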
Current thread:
- adding an encap_type_info element Lange Jan-Erik (Nov 18)
- Re: adding an encap_type_info element Lange Jan-Erik (Nov 18)
- Re: adding an encap_type_info element Jeff Morriss (Nov 18)
- Re: adding an encap_type_info element Lange Jan-Erik (Nov 18)
