Wireshark-dev: Re: [Wireshark-dev] Disectors & conversations
From: "Cook, Timothy" <[email protected]>
Date: Thu, 22 Jun 2006 11:05:03 -0400
Thanks for the info.

I have yet another question.

Using the routine proto_tree_add_item() to add a signed value to the
protocol tree displays the value in HEX (as expected) & a decimal value
in parens.  How can I prevent the decimal value from being displayed?

-Tim

 

> -----Original Message-----
> From: [email protected] 
> [mailto:[email protected]] On Behalf Of Jaap Keuter
> Sent: Wednesday, June 21, 2006 1:13 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] Disectors & conversations
> 
> Hi,
> 
> Technically the TCP ACK only packet isn't part of your 
> protocol, it's an underlying mechanism that transports the 
> data for you. The whole idea of protocol layers is that they 
> are independent, it should be possible to replace TCP with 
> another stream protocol and your application still works.
> Think of UNIX sockets for instance. That is why you shouldn't 
> be concerned with that in relation to your protocol.
> 
> Thanx,
> Jaap
> 
> On Wed, 21 Jun 2006, Cook, Timothy wrote:
> 
> > Isn't it true that myDissector only gets called if the TCP data
> > length > 0?  Therefore, a TCP ACK (data length = 0) will not cause
> > myDissector to be called.
> >
> > I'm new to this whole process!
> >
> > -Tim
> >
> >
> > > -----Original Message-----
> > > From: [email protected]
> > > [mailto:[email protected]] On Behalf Of Jaap 
> > > Keuter
> > > Sent: Wednesday, June 21, 2006 11:59 AM
> > > To: Developer support list for Wireshark
> > > Subject: Re: [Wireshark-dev] Disectors & conversations
> > >
> > > Hi,
> > >
> > > How about
> > >
> > >       if (check_col(pinfo->cinfo, COL_PROTOCOL))
> > >       {
> > >         col_set_str(pinfo->cinfo, COL_PROTOCOL, "myProtocol" );
> > >       }
> > >
> > > Thanx,
> > > Jaap
> > >
> > > On Wed, 21 Jun 2006, Cook, Timothy wrote:
> > >
> > > > We have written a new dissector for Wireshark.  Using the
> > > > README.developer (plus other dissector examples) made the creation
> > > > very simple (thanks for the detailed info).
> > > >
> > > > My dissector hooks TCP port 1000.
> > > >
> > > > How can I hook TCP packets (SYN/FIN/RST/...) and change the Protocol
> > > > column data to mimic the respective dissector?
> > > >
> > > > I want to be able to filter based on the protocol & get the whole
> > > > conversation, including the channel open & close.
> > > >
> > > >
> > > > -Tim
> > > >