Wireshark-users: Re: [Wireshark-users] Writing/sharing dissectors
From: Jaap Keuter <[email protected]>
Date: Fri, 27 Apr 2007 20:33:47 +0200 (CEST)
Hi,

Better use the skeleton code found in chapter 1.2 of the README.developer
file in /doc. Also name the dissector sourcefile packet-foo.c i.s.o.
plugin.c, because that name is already used for the autogenerated plugin
adapter code.

Sharing the executable dissector is indeed as simple as sharing the DLL /
Shared Object file.

Also check out the Custom.nmake.example.

Thanx,
Jaap

On Fri, 27 Apr 2007, Kobboi wrote:

> Jaap, Ulf,
>
> Thanks for your reply.
>
> About the writing... To get started I concatenated the code from Example
> 9.1 through 9.4 of the Wireshark Developer's Guide and put it in a
> plugin.c file. I then updated the Makefiles and such according to
> README.plugins. Compilation fails with:
>
> plugin.c:67: error: static declaration of 'dissect_foo' follows non-static
> declaration
> plugin.c:12: error: previous declaration of 'dissect_foo' was here
>
> Removing the "static" below or adding it above just creates another bunch
> of errors about multiple declarations. What obviously simple thing am I
> overlooking?
>
> About the sharing... I was kind of hoping that dissectors had their own
> kind of description language (something in XML maybe), making it easy to
> share them, even over different platforms: just copy the description file.
> Since dissectors seem to have to be written in C, I guess this is out of
> the question. Or is sharing a plugin just a question of copying a DLL file
> on Win32, or copying a .so file on similar Linux platforms?
>
> Regards,
>
> Kobboi
>
>
>
>
> > Hi,
> >
> > For a more extensive answer, after reading said website, there's not
> > really a roadmap to a dissector. Much depends on the situation.
> > First you'll have to choose the way you want to deploy you dissector. My
> > guess would be a plugin dissector in your case, rather then build in.
> >
> > Another choice is style, based on the complexity of the protocol. Very
> > simple protocols can use a simple pvt_cursor style, medium to complex ones
> > can use proto_tree_add_item calls, while ASN.1 based protocol can have a
> > generated dissector.
> >
> > Have some shared code repository for your dissector, that way you can
> > easily share the code and build on the two platforms. They're not that
> > different, thanks to glib, apart from the build scripts. See the developer
> > guide to setup your windows build environment, and the README.* in /doc in
> > the source tree for all kinds of inside info.
> >
> > Thanx,
> > Jaap
> >
> > On Wed, 25 Apr 2007, Ulf Lamping wrote:
> >
> >> Kobboi wrote:
> >> > Hello,
> >> >
> >> > Some very basic questions, hope you don't mind my asking them...
> >> >
> >> > Where can I find a recent HOWTO on writing your own dissector for a
> >> > proprietary protocol? Is there some basic roadmap that can help me
> >> keep
> >> > an overview and not lose the way?
> >> >
> >> > When I have finished writing it, how do I easily share my dissector?
> >> > Does everyone who wants to use it need to recompile their Wireshark?
> >> Any
> >> > important Windows/Linux differences? (I'll need to support both
> >> > platforms)
> >> >
> >> > Thanks for the info!
> >> >
> >> >
> >> See: http://wiki.wireshark.org/Development
> >>
> >> Regards, ULFL
>
>
>
> _______________________________________________
> Wireshark-users mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
>