for historical reasons we used version 1.0.8 wireshark ( I think it was the officially delivered one with a specific version of redhat we were using) I created a set of dissectors specific to ATC interfaces. (AFTN,FMTP etc) These were compiled under centos and windows and worked well with both under wireshark 1.0.8. We have now upgraded(!) to redhat 6.3 which comes with wireshark 1.2.15. I have now rebuilt under windows(win7 64bit) the dissectors with 1.2.15 src and they work well. However having rebuilt the dissectors under centos 6.3 (64bit) they compile and link fine but coredump when the capture files are read in under the same centos 6.3(under vmplayer). It is specific to a dissector which calls other registered dissectors and looking at the decode_as option it seems that some of the called dissectors do not appear to have registered correctly. I know I am way behind the curve but I was hoping someone might know if 1.2.15 had any quirks WRT called dissectors or the way they are registered. okay rather than keep replying to myself i shall add comments to original. The fix i mentioned below does not work on the delivered version of wireshark 1.2.15 as installed by yum. I even uninstalled both wireshark and the gnome addon to see if that had any effect. I have removed the offending .so file from /usr/local/lib/wireshark/plugins/1.2.15 and it runs up and loads the file in okay. Back to the original problem. asked 20 Feb '13, 01:02  spotthemaniac edited 20 Feb '13, 04:16 |
One Answer:
turns out that the guy that wrote the asterix dissectors had used the same name in the proto_reg_handoff routines which bizarrely did not affect the windows version but failed with the redhat/centos version. All now have unique names and there are no problems! answered 26 Feb '13, 06:29 spotthemaniac and yes i did use the new makefile templates which had very little changes to them thanks. (26 Feb '13, 06:30) spotthemaniac |
This looks bad I have found out why! The find_dissector() call was implemented in the proto_reg_handoff_<plugin_name> routine and it appears this does not work in this version on centos. maybe the order that the libraries are loaded? I have changed to find_dissector call to be in the actual dissector code and it now calls the other dissectors correctly. Is this now a correct implementation or a fudge? ! a fudge that does not work so it seems!
Have you compared your makefiles with the ones of plugins in 1.2 and the register and register_handoff routines? also check that the genarted plugin.c looks ok.
thanks i will do that as soon as i can. I did do an autogen.sh, ./configure, make, after i had copied over the offending dissector directories but you may have a point. will copy over some makefiles from example in 1.2 and remake.