ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-dev: [Ethereal-dev] My plugin dissector function not called if I give -V option to te

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Anand, Umesha Sharma" <umesha-sharma.anand@xxxxxx>
Date: Mon, 26 Jun 2006 19:46:03 +0530
Hi 
  My name is Umesh and we are developing a plugin for a protocol based
on XTP.  We have developed an initial skeleton of the plugin and we want
to dissect the first field of the protocol header.  When I run tetheral
with -V option to decode the first field, my dissector is never called.
However if we do not give the -V option, the top level protocol
information is displayed correctly.  Can someone give us pointers on
what could be the issue.

Thanks in advance.

Best Regards,
Umesh.

Output without -V option
=========================
./tethereal -c 1 -i eth 1
tethereal: The capture session could not be initiated (ioctl: No such
device).

Please check to make sure you have sufficient permissions, and that you
have
the proper interface or pipe specified.
[root@bunty ethereal-0.99.0]# ./tethereal -c 1 -i eth1
Capturing on eth1


 tree = null  (PRINTF OUTPUT IN OUR PLUGIN)

  0.000000 Intel_7f:ca:15 -> HewlettP_25:42:04 XTP  (PROTOCOL RECOGNISED
AS XTP)
1 packets captured


OUTPUT WITH -V OPTION
=====================

[root@bunty ethereal-0.99.0]# ./tethereal -c 1 -i eth1 -V
Capturing on eth1
Frame 1 (68 bytes on wire, 68 bytes captured)
    Arrival Time: Jun 26, 2006 19:33:57.965407000
    Time delta from previous packet: 0.000000000 seconds
    Time since reference or first frame: 0.000000000 seconds
    Frame Number: 1
    Packet Length: 68 bytes
    Capture Length: 68 bytes
    Protocols in frame: eth:xtp  ( AT THE FRAME LEVEL, PROTOCOL IS
IDENTIFIED AS XTP, BUT MY DISSECTOR IS NOT CALLED )
Ethernet II, Src: Intel_7f:ca:15 (00:d0:b7:7f:ca:15), Dst:
HewlettP_25:42:04 (00:30:6e:25:42:04)
    Destination: HewlettP_25:42:04 (00:30:6e:25:42:04)
        Address: HewlettP_25:42:04 (00:30:6e:25:42:04)
        .... ...0 .... .... .... .... = Multicast: This is a UNICAST
frame
        .... ..0. .... .... .... .... = Locally Administrated Address:
This is a FACTORY DEFAULT address
    Source: Intel_7f:ca:15 (00:d0:b7:7f:ca:15)
        Address: Intel_7f:ca:15 (00:d0:b7:7f:ca:15)
        .... ...0 .... .... .... .... = Multicast: This is a UNICAST
frame
        .... ..0. .... .... .... .... = Locally Administrated Address:
This is a FACTORY DEFAULT address
    Type: Unknown (0xbcbd)

1 packets captured
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube