
Wireshark-dev: Re: [Wireshark-dev] Adding libxml2 to my dissector

From: Fam Dijns <dijns@xxxxxxx>
Date: Mon, 10 May 2010 23:05:59 +0200
I tried to use the existing XML package. I started at square 1 for the XML
dissector. When looking at the wiki page of the XML dissector, I took this
DTD

<?wireshark:protocol protocol_name="this" media="application/this"
hierarchy="yes" ?>
<!DOCTYPE this [
  <!ELEMENT that (other|another|#PCDATA) >
  <!-- #PCDATA is assumed to be there even it isn't -->

  <!ATTLIST that 
     one CDATA #REQUIRED
     two CDATA #IMPLIED  >
  <!-- we don't care of #REQUIRED, #IMPLIED or other #THINGS  -->

  <!ELEMENT other (#PCDATA) >
  <!ELEMENT another (#PCDATA) >
]>

The Wiki says that it will create these filters

this
this.that
this.that.one
this.that.two
this.that.other
this.that.another

which is correct. But I got additional filters as well, called “this.other”
and “this.another”, which are not valid for the expected XML

<this>
   aaa
   <that one="bbb">
      ccc
      <other>ddd</other>
   </that>
   eee
</this>

If I understand the DTD correctly, the elements “other” and “another” are
always children of the element “that”.

In this case there are just two extra filters, but in my case it ends up
with a lot of unnecessary filters, which is confusing for the users.

And this is just filtering; the wiki says that no data checking is
available.

Richard

-----Original message-----
From: luis.ontanon@xxxxxxxxx [mailto:luis.ontanon@xxxxxxxxx] On behalf of Luis EG
Ontanon
Sent: Monday, 10 May 2010 22:51
To: dijns@xxxxxxx
Subject: Re: [Wireshark-dev] Adding libxml2 to my dissector

Why don't you pass the buffer containing XML to Wireshark's own XML dissector?
If you add the DTDs to the .../dtds directory, the contents of the XML
will be filterable.


On Mon, May 10, 2010 at 10:42 PM, Fam Dijns <dijns@xxxxxxx> wrote:
> Hi
>
> I am developing my own dissector and it was going well till I got stuck on
> this problem. My protocol has XML in it and I want to check the XML data
> against an XSD.
>
> The dissector is developed as a plugin and ran fine till I added the
> libxml2 library. Since I am running on the Windows platform, I took the
> binary from ftp://ftp.zlatkovic.com/libxml/ and updated the nmake file. I
> added the include directory and the linking to the xmllib2.lib. The
> dissector compiles nicely and the compiled dissector DLL is copied to the
> Wireshark plugin directory.
> Now when I try to start Wireshark I get the message 'couldn't load module
> ...'
>
> Is there any way to debug this, or does somebody know what I am doing
> wrong?
>
> Thanks in advance
>
> Richard



-- 
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
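
The hierarchy Richard describes in the top message, as an added example (not part of the original thread and not Wireshark's code): a Python script that derives filter names by walking the DTD's content models from the root, so "other" and "another" appear only under "that". Attaching an element that no content model mentions to the root is an assumption made here, as are the names parse_dtd and filter_names.

```python
import re

# DTD quoted in the message (the wiki example), embedded as sample input.
DTD = """<!DOCTYPE this [
  <!ELEMENT that (other|another|#PCDATA) >
  <!ATTLIST that
     one CDATA #REQUIRED
     two CDATA #IMPLIED  >
  <!ELEMENT other (#PCDATA) >
  <!ELEMENT another (#PCDATA) >
]>"""

NAME = r"[A-Za-z_][\w.-]*"

def parse_dtd(dtd):
    """Return (root, children per element, attributes per element)."""
    root = re.search(r"<!DOCTYPE\s+(" + NAME + ")", dtd).group(1)
    children, attrs = {root: []}, {}
    for elem, model in re.findall(r"<!ELEMENT\s+(" + NAME + r")\s+([^>]*)>", dtd):
        tokens = re.findall("#?" + NAME, model)
        # '#PCDATA', 'EMPTY' and 'ANY' are keywords, not child elements.
        children[elem] = [t for t in tokens
                          if t[0] != "#" and t not in ("EMPTY", "ANY")]
    for elem, body in re.findall(r"<!ATTLIST\s+(" + NAME + r")\s+([^>]*)>", dtd):
        found = re.findall("(" + NAME + r")\s+(?:CDATA|ID|IDREF|NMTOKEN)\s", body)
        attrs.setdefault(elem, []).extend(found)
    # Assumption: an element that no content model mentions hangs off the root.
    referenced = {c for kids in children.values() for c in kids}
    children[root] += [e for e in children if e != root
                       and e not in referenced and e not in children[root]]
    return root, children, attrs

def filter_names(dtd):
    """Walk the element tree from the root; one dotted name per node."""
    root, children, attrs = parse_dtd(dtd)
    names = []

    def walk(elem, ancestors):
        path = ancestors + (elem,)
        names.append(".".join(path))
        names.extend(".".join(path + (a,)) for a in attrs.get(elem, []))
        for child in children.get(elem, []):
            if child not in path:  # stop on recursive content models
                walk(child, path)

    walk(root, ())
    return names

if __name__ == "__main__":
    print("\n".join(filter_names(DTD)))
```
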