|
How do you test your dissectors?
Do you modify a pcap File with a HEX Editor?
Or are you using a program where you can modify the frame preferences and send it each time? If you use such a tool, which tool is it?
I don't understand, why I didn't even see "UDP" in the protocoll field. The field is labled wich "IP". Perhaps my frame settings in PackEth are wrong. But I can't see an error..
Von: wireshark-dev-bounces@xxxxxxxxxxxxx [wireshark-dev-bounces@xxxxxxxxxxxxx] im Auftrag von Jaap Keuter [jaap.keuter@xxxxxxxxx]
Gesendet: Dienstag, 16. November 2010 13:06
An: Developer support list for Wireshark
Betreff: Re: [Wireshark-dev] foo dissector of the dev guide
Hi,
have you disabled the UDP dissector?
Thanks,
Jaap
On Tue, 16 Nov 2010 11:16:20 +0100, Lange Jan-Erik <Jan-Erik.Lange@xxxxxxxxxxxxxx> wrote:
Hallo,
I want to try the example dissector out of the dev guide of wireshark.
The dissector works with UDP on port 1234. But when I'm sending a UDP Frame with UDP Src 1234 und Dest 1234 (IPv4) then in the protocol section of the UI is labeled with IP only like you can
see in the screenshot picture. Shouldn't it be labeled with FOO?
Best regards
Jan
| 
