I'm dealing with case #2. My protocol runs on top of UDP, or perhaps, encapsulated into UDP. So I tryed this:
if (check_col(pinfo->cinfo,COL_INFO)) {
col_clear(pinfo->cinfo,COL_INFO);
}
col_add_fstr(pinfo->cinfo, COL_INFO, "Source: %s", pinfo->srcport);
When I run, it puts "[Dissector bug, protocol XXX: STATUS_ACCESS_VIOLATION: dissector accessed and invalid memory address]" in the Info column.
What am I doing wrong?
Thanks
On Mon, May 23, 2011 at 1:41 PM, Guy Harris
<guy@xxxxxxxxxxxx> wrote:
On May 23, 2011, at 7:55 AM, eymanm wrote:
> I'm making a dissector for a protocol that is based on UDP.
By "based on UDP", do you mean:
1) your protocol is an unreliable transport-layer protocol similar to UDP but not the same as UDP
or
2) your protocol runs on top of UDP?
> I'd like to show the source and destination ports in the Info column, pretty much the same way as it shown by the UDP dissector. Can somebody suggest how to get the port numbers when I'm dissecting the payload?
If the answer is 1), then, if your protocol has port numbers, you get them from your dissector.
If the answer is 2), the packet_info structure pointed to by the "pinfo" argument to your dissector has "srcport" and "dstport" members that, for a protocol running atop UDP, have the UDP source and destination port numbers.
