can you also do these changes to the usb dissector:
1, remove the #ifdef HAVE_LIBPCAP wrappers since these should not be nessecary
2, remove the pcap includes since they are not used
3, remove the tap since there is no tappable data yet
4, change urb_type_string into a value_string and create defines for
all the entries.
Remember that a value_string must be terminated with a
{0, NULL}
entry.
Then you can create the hf_usb_urb_type using proto_tree_add_item
if you also change the hf definition into
I.e.
#define URB_CONTROL_INPUT 0
...
static struct value_string usb_urb_type_vals[] = {
{URB_CONTROL_INPUT, "URB_CONTROL_INPUT"},
...
{0, NULL}
}
proto_tree_add_item(tree, hf_usb_urb_type, tvb, offset, 4, FALSE);
{ &hf_usb_urb_type,
{ "URB type", "usb.urb_type", FT_UINT32, BASE_DEC,
VALS(usb_urb_type_vals), 0x0,
"URB type", HFILL }},
On 10/9/06, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
The sample captures are all empty 0-byte files.
Can you please reupload them?
On 10/9/06, Paolo Abeni <paolo.abeni@xxxxxxxx> wrote:
> Hello,
>
> Current libpcap cvs support sniffing from usb ports. As requested from
> Ronnie Sahlberg I have created a wiki page on the argument:
>
> http://wiki.wireshark.org/USB
>
> and added a few samples on the capture samples wiki page:
>
>
http://wiki.wireshark.org/SampleCaptures#head-88d8d4547e6ef5624e34b7bcb699e9591191128b
>
> The attached patch adds support for the newly introduced data link type
> and add a basic dissector for USB interfaces.
>
> ciao,
>
> Paolo
>
>
>
> --
> Email.it, the professional e-mail, gratis per te: http://www.email.it/f
>
> Sponsor:
> La vita � fatta di emozioni... che i nostri gioielli ti sapranno di certo
> regalare. Qualit�, competenza e convenienza al tuo servizio con
Gioielleria
> Maglione
> Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=5633&d=9-10
>
