
Wireshark-dev: Re: [Wireshark-dev] Question regarding LTE RRC dissectors

From: "Jagadeesan, Viswanathan" <vjagadee@xxxxxxxxxxxxxxxx>
Date: Sat, 5 Dec 2015 15:36:51 +0000

Hi

I am interested to know the best practice for debugging plugin dissectors.

Regards,
Viswa

From: Jagadeesan, Viswanathan
Sent: Wednesday, December 02, 2015 6:23 PM
To: 'Pascal Quantin'
Cc: Developer support list for Wireshark
Subject: RE: Question regarding LTE RRC dissectors

 

Thanks.

Exactly, we need something. I thought we can have

The approach:

External plugin register for UDP port 65534

Then call external RRC dissector.

Your suggestions:

External plugin register for UDP port 65534

Then call builtin RRC dissector.

I am fine with your approach. Any sample code / link, so we are happy to start with.

Regards,
Viswa

From: Pascal Quantin [mailto:pascal.quantin@xxxxxxxxx]
Sent: Wednesday, December 02, 2015 6:14 PM
To: Jagadeesan, Viswanathan
Cc: Developer support list for Wireshark
Subject: RE: Question regarding LTE RRC dissectors

 


On 3 Dec 2015 12:06 AM, "Jagadeesan, Viswanathan" <vjagadee@xxxxxxxxxxxxxxxx> wrote:
>
> Hi Pascal
>
> As we know, Wireshark calls the RRC dissector if the packet has an RRC payload of MAC->RLC->PDCP; otherwise it wouldn’t invoke it. We need something like
>
> Ethernet MAC + IP + UDP + LTE RRC instead of Ethernet MAC + IP + UDP + MAC + RLC + PDCP + RRC.

So you are definitely taking the wrong approach.
You could create a custom plugin registering on a given UDP port that would extract from the UDP payload some metadata identifying the LTE RRC channel and the message payload, then call the right dissector. All are registered by name (as seen in packet-lte-rrc.c) and can be called from a plugin.
You should not try to duplicate LTE RRC code.

>
> Any suggestions?
>
> Thanks,
> Viswa
>
> From: Pascal Quantin [mailto:pascal.quantin@xxxxxxxxx]
> Sent: Wednesday, December 02, 2015 5:46 PM
> To: Jagadeesan, Viswanathan
> Cc: wireshark-dev@xxxxxxxxxxxxx
> Subject: Re: Question regarding LTE RRC dissectors
>
> 2015-12-02 23:36 GMT+01:00 Jagadeesan, Viswanathan <vjagadee@xxxxxxxxxxxxxxxx>:
>>
>> From: Jagadeesan, Viswanathan
>> Sent: Wednesday, December 02, 2015 5:35 PM
>> To: 'pascal.quantin@xxxxxxxxx'
>> Subject: Question regarding LTE RRC dissectors
>>
>> Hi
>>
>> Follow-up question: it does the creation of the dissector DLL for RRC successfully, but when it loads in Wireshark it throws an error: "The procedure entry point dissect_lpp_Ellipsoid_Point_PDU could not be located in the dynamic link libwireshark.dll "
>>
>> Any suggestions?
>
> Hi,
>
> as explained in your question on ask.wireshark.org (https://ask.wireshark.org/questions/48152/lte-rrc-dissector-linker-issue) this symbol is not exported by Wireshark. So your plugin will not work with a standard Wireshark version.
>
> You have not explained yet why you try to duplicate the already existing LTE RRC dissector. If your changes are intrusive enough to require accessing those functions, you should probably modify the source of the LTE RRC dissector directly and compile your own version of Wireshark, rather than making a plugin. Or you will need to copy / paste plenty of code in your own plugin, but that could collide with the embedded dissector.
>
> But without knowing your own constraints, we cannot really confirm whether the choice to make a plugin was the best one or not.
>
> Best regards,
>
> Pascal.
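
The approach Pascal describes in this thread (a plugin registered on a UDP port that reads the channel from the payload and hands the RRC bytes to the built-in dissector by name), as an added example that is not part of the thread. It is written as a Wireshark Lua script rather than a C plugin; the 3-byte header layout, the channel numbering and the dissector names tried are assumptions, and the names must be confirmed against packet-lte-rrc.c for the Wireshark version in use.

```lua
-- Added example, not code from the thread. Hypothetical framing on UDP 65534:
-- byte 0 = channel id, bytes 1-2 = RRC length (big-endian), bytes 3.. = RRC PDU.
local p = Proto("rrcudp", "LTE RRC over UDP (example framing)")

-- Channel ids are made up. Dissector names are assumptions (two spellings
-- are tried); confirm them in packet-lte-rrc.c for your Wireshark version.
local channels = {
    [1] = { "DL-CCCH", { "lte-rrc.dl.ccch", "lte_rrc.dl_ccch" } },
    [2] = { "DL-DCCH", { "lte-rrc.dl.dcch", "lte_rrc.dl_dcch" } },
    [3] = { "UL-CCCH", { "lte-rrc.ul.ccch", "lte_rrc.ul_ccch" } },
    [4] = { "UL-DCCH", { "lte-rrc.ul.dcch", "lte_rrc.ul_dcch" } },
}

local f_chan = ProtoField.uint8("rrcudp.channel", "Logical channel", base.DEC)
local f_len  = ProtoField.uint16("rrcudp.length", "RRC payload length", base.DEC)
p.fields = { f_chan, f_len }
local e_bad = ProtoExpert.new("rrcudp.malformed", "Malformed rrcudp frame",
                              expert.group.MALFORMED, expert.severity.ERROR)
p.experts = { e_bad }

local function find_rrc(names)
    for _, name in ipairs(names) do
        local ok, d = pcall(Dissector.get, name)
        if ok and d then return d end
    end
end

function p.dissector(tvb, pinfo, tree)
    pinfo.cols.protocol = "RRCUDP"
    local sub = tree:add(p, tvb())
    if tvb:len() < 3 then
        sub:add_proto_expert_info(e_bad, "Header shorter than 3 bytes")
        return tvb:len()
    end
    sub:add(f_chan, tvb(0, 1))
    sub:add(f_len, tvb(1, 2))
    local entry, len = channels[tvb(0, 1):uint()], tvb(1, 2):uint()
    local rrc = entry and find_rrc(entry[2])
    -- The length comes from the wire: check it against the captured bytes.
    if not rrc or len == 0 or len > tvb:len() - 3 then
        sub:add_proto_expert_info(e_bad, "Unknown channel, bad length or no RRC dissector")
        return tvb:len()
    end
    sub:append_text(", " .. entry[1])
    rrc:call(tvb(3, len):tvb(), pinfo, tree)   -- built-in dissector does the rest
    return tvb:len()
end

DissectorTable.get("udp.port"):add(65534, p)
```

The script can be loaded with `wireshark -X lua_script:<path-to-script>`; because the RRC decoding stays in the built-in dissector, nothing here depends on symbols that libwireshark does not export.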