Hi, i am working on a cutstom dissector plugin for wireshark and i am wondering how error control is implemented with the wireshark API. I have read some of the documentation, mainly README.developer and README.plugin but i cant find anthing there about it. To give an example of what i want to do: Standard in wireshark if the packet being dissected isn't following the protocol for any reason it just say "Malformed Packet". I have some cases where i know it can go wrong and i would like to have different error messages for theese cases. For example if a field that is being read as as the length of the rest of the packet or similar and it doesnt add up, i would like to specify what the user are being told the reason for this is. Also if it is possible i would like it to show where it went wrong in the hex table. Is there methods to use for this ? Best Regards Kit asked 10 Jul '13, 04:22  Kitg edited 10 Jul '13, 04:23 |
One Answer:
Use Expert info, PI_PROTOCOL . Note the Export info API is undergoing changes in trunk. answered 10 Jul '13, 06:41  Anders ♦ Okej thanks, if it isnt to much to ask i would appreciate a code example if you know where i can find one. Otherwhise thanks for the response. (10 Jul '13, 06:47) Kitg Beeing lazy I just picked a checkin of updates to use the new API. just check changed code in any file http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=50454 See also expert.c in epan/ (10 Jul '13, 07:52) Anders ♦ Thanks alot Anders. (10 Jul '13, 23:14) Kitg |
I found out that expert infos probably is the way to go here. Can some one show me an easy example of how this is used ?