Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Raw Fibre Channel dissector

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 19 Jun 2009 14:29:24 -0700

On Jun 19, 2009, at 11:01 AM, kahou lei wrote:

Is there an existing DLT value that I can dissect raw fibre channel packet?

No.

I saw there is a fibre channel dissector (packet-fc.c) but I cannot find a DLT value corresponse to it.

It's used to dissect FC encapsulated in various lower-level network protocols.

If there is no such DLT value, can you give me some direction on how to extend my local wireshark build so that the I can use the fibre channel dissector?

Presumably by "use the fibre channel dissector" you mean that you have Fibre Channel captures of some sort and you want Wireshark to be able to read them?

If so, then you would have to:

add a WTAP_ENCAP_FIBRE_CHANNEL value to the list of WTAP_ENCAP_ values in wiretap/wtap.h;

add a WTAP_FILE_ value for whatever type of file it is to the list of WTAP_FILE_ values in wiretap/wtap.h;

add a module in the wiretap directory to read those files (and possibly write them);

add an entry for WTAP_ENCAP_FIBRE_CHANNEL to the encap_table_base table in wiretap/wtap.c;

add an entry to the dump_open_table_base[] array in wiretap/ file_access.c for the new file type;

	have the Fibre Channel dissector call

		dissector_add("wtap_encap", WTAP_ENCAP_FIBRE_CHANNEL, handle);

where "handle" is a dissector handle for a dissector that can process the packets read from the file.