Hi, i am working on a cutstom dissector plugin for wireshark and i am wondering how error control is implemented with the wireshark API. I have read some of the documentation, mainly README.developer and README.plugin but i cant find anthing there about it. To give an example of what i want to do: Standard in wireshark if the packet being dissected isn't following the protocol for any reason it just say "Malformed Packet". I have some cases where i know it can go wrong and i would like to have different error messages for theese cases. For example if a field that is being read as as the length of the rest of the packet or similar and it doesnt add up, i would like to specify what the user are being told the reason for this is. Also if it is possible i would like it to show where it went wrong in the hex table. Is there methods to use for this ? Best Regards Kit |
Use Expert info, PI_PROTOCOL . Note the Export info API is undergoing changes in trunk. Okej thanks, if it isnt to much to ask i would appreciate a code example if you know where i can find one. Otherwhise thanks for the response.
(10 Jul '13, 06:47)
Kitg
Beeing lazy I just picked a checkin of updates to use the new API. just check changed code in any file http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=50454 See also expert.c in epan/
(10 Jul '13, 07:52)
Anders ♦
Thanks alot Anders.
(10 Jul '13, 23:14)
Kitg
|
I found out that expert infos probably is the way to go here. Can some one show me an easy example of how this is used ?