Wireshark-dev: [Wireshark-dev] Writing a tap plugin for AIM Messaging
From: Shawn Mayer <[email protected]>
Date: Sun, 07 Mar 2010 20:49:13 -0500
I am currently writing a tap interface for the incoming and outgoing messages portion of the AIM Messaging dissector. I have followed the instructions in the README.tapping file (hopefully correctly). Since the goal of this plugin is to link individual messages to conversations and then display them I should have tap_queue_packet(aim_messaging_tap, pinfo, msg_tree); before the return line of the dissect_aim_msg_incoming/outgoing methods correct? I also have to figure out a way to send the source and destination IP's (to group messages into conversations).
I am a bit confused as to how the tap listener works. Do I have to use 
the reset callback? As I see it the packet callback should update the 
data (say arrays of conversations) and draw should display the data in a 
window as it gets updated. Also where does the listener file get placed? 
Do I have to rebuild the code? Any help or links to further 
documentation/examples would be greatly appreciated. If I'm missing 
something please let me know don't be afraid to e-mail me directly.

NTMail K12 - the Mail Server for Education