Wireshark · Ethereal-users: [Ethereal-users] How do I have my plug-in decode all TCP data packets?

Ethereal-users: [Ethereal-users] How do I have my plug-in decode all TCP data packets?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Turner, Jay" <Jay.Turner@xxxxxxxxxxxxxxxxxx>

Date: Mon, 21 Apr 2003 09:06:44 -0500

[ ethereal 0.9.11 for Windows on Windows 2000 ] I am creating a plug-in (for our company's mainframe traffic) and find that it can access the TCP data. However it only allows me to decode TCP data packets whose source/destination/both ports match the current packet. I would like to decode ALL TCP data packets according to my plug-in.

I suspect this has to do with doing "dissector_add( "tcp.port", 0, myhandle );". I have tried "tcp.data" and "data" but they are illegal. Where can I read about the correct syntax and choices for dissector_add?

Thanks, Jay

Prev by Date: [Ethereal-users] New plugin
Next by Date: Re: [Ethereal-users] New plugin
Previous by thread: Re: [Ethereal-users] New plugin
Next by thread: [Ethereal-users] diameter protocol
Index(es):
- Date
- Thread