Wireshark · Ethereal-dev: Re: [Ethereal-dev] Newbie question

Ethereal-dev: Re: [Ethereal-dev] Newbie question

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Sun, 13 Jul 2003 18:53:42 -0700

On Sat, Jul 12, 2003 at 06:07:12PM -0700, Marcos wrote:
> I writing a plugin that dissect a proprietary protocol
> in UDP packet.
> The protocol uses 10 diferents udp ports
> Is it possible to know what the number of port and the
> time stamp of packet inside of dissector??

Yes.

If your dissector registered itself with 10 different UDP port numbers,
then, if it's called because the UDP port number matched, the port
number that matched is in "pinfo->match_port".

The time stamp of the packet is in "pinfo->fd->abs_secs" and
"pinfo->fd->abs_usecs", which is the absolute time stamp of the packet
in seconds and microseconds since January 1, 1970, 00:00:00 GMT.

References:
- [Ethereal-dev] Newbie question
  - From: Marcos

Prev by Date: [Ethereal-dev] Re: [Ethereal-users] newbie install trouble on gtk+
Next by Date: Re: [Ethereal-dev] make-register-dotc & make-tapreg-dotc
Previous by thread: [Ethereal-dev] Newbie question
Next by thread: [Ethereal-dev] h245 progress
Index(es):
- Date
- Thread