We're now a non-profit! Support open source packet analysis by making a donation.

Wireshark-dev: Re: [Wireshark-dev] Save extracted data from reassembled packets

From: Stig Bjørlykke <stig.bjorlykke@xxxxxxxxx>
Date: Mon, 22 Feb 2010 20:24:04 +0100
On 21. feb. 2010, at 20.00, Peter Smith wrote:

> I have the following code to get the reassembled WSP payload out of packet in wireshark
> ===================================
> wsp_extractor = Field.new("wsp")

Wireshark does not currently support handling FT_PROTOCOL as a field extractor.  I suppose in this situation the FT_PROTOCOL should be handled as a byte array, and maybe this is the best handling.  I have just committed revision 31951 with a fix for this, please try a automated build[1] in an hour or so.

[1] http://www.wireshark.org/download/automated/

Stig Bjørlykke