Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Writing a new packet dissector

From: Daniel Griscom <griscom@xxxxxxxxxxxx>
Date: Sat, 14 Oct 2006 09:02:09 -0400
At 10:46 AM +0200 10/14/06, Jaap Keuter wrote:
Hi,

Oke, here it goes: RTFM's at www.wireshark.org

Yes, I've already spent quite a while going over the user and developer documentation. I've also already downloaded and sniffed around the source. End result: little detailed enlightenment.

Bit more to the point: What platform are you developing on? Wild guess
Win32?

Well, I'm an OS X man by choice, but Wireshark is so much better integrated into Windows that I use it there.

Then look into the Wireshark Developer Guide, which has the step by
step guide of setting up the build environment. With all that in place
check out doc/README.developer which contains lots of details on the
internals.

Ah: that's the info I was looking for. Suggestion: add a pointer to the wireshark/doc directory to the very top of the developer's guide; less-experienced open-source developers (like myself) might not know to look there.

After a lot of grepping, I found the text-based media dissection code at epan/dissectors/packet-text-media.c. I'll start my work there.


Thanks,
Dan

--
Daniel T. Griscom             griscom@xxxxxxxxxxxx
Suitable Systems              http://www.suitable.com/
1 Centre Street, Suite 204    (781) 665-0053
Wakefield, MA  01880-2400