
Wireshark-dev: [Wireshark-dev] Questions about dev

From: "Neha Chahal" <neha.chahal@xxxxxxxxx>
Date: Mon, 6 Nov 2006 22:00:21 -0800
Hi,

I am very new to the ethereal source code. I want to add a dissector
that understands my protocol – "my_proto".
	
Problem statement:

I have a binary file my_proto_dump.log. This file has packets received
by my application.
I want ethereal to read from a binary file packets in my_proto
protocol and then be able to dissect these packets and produce an
output file.

I am having a hard time understanding how to join the pieces together.

I have a few questions about this.

1. To make ethereal dissect my protocol I have to add a dissector,
right? I would have to add under plugins/my_proto.c – which is my
dissector. This step has been explained nicely in the manual. I did
this.
2. How do I make ethereal call my dissector?
3. Do I have to make changes to add my capture file type in the wiretap/ dir?
4. What is the difference between the read and seek_read functions? Do I
have to return the packet in the wth->format_buffer? Is this packet
used by the dissector to dissect? If yes, should this packet have all
the bits I mention in the dissector code?
5. After this, what is the ethereal output format? Do I have to specify
the output format also?
6. In the end, how do I make all this work together?

I am quite confused right now. If someone could just lay out the steps
in front of me, I would be sure this is doable.

Thank you for all your suggestions and help in advance. I really need
someone to clear the cloud for me.

Thanks


--
Thanks and Regards,
Neha Chahal
Cell- 443 207 0414