This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

dissector for core to core messages, ie shared memory messages

0

I have to write a dissector for core to core messages. These are the messages send between nodes in a shared memory.

So on top of what protocol must this be based?? Is it possible that i design core to core in such a way that it is not based on top of any protocol at all??

Real Confusion, Please help anyone?? Sid

asked 15 Feb '11, 01:29

sid's gravatar image

sid
45192021
accept rate: 0%

Is that possible only if I am capturing in pcap format?? I have a trace to check out my output but that is in cap format.

By the way, I wrote the dissector for core to core messages. On compiling wireshark compiles perfectly fine. In my source code I have called the ethernet dissector. I have used the following lines.

//to call ethernet dissector

int reported_length;

reported _ length = tvb_length(tvb)-offset;

next _ tvb = tvb _ new _ subset(tvb, offset, reported_length, -1);

call _ dissector(eth _ withoutfcs _ handle, next _ tvb, pinfo,tree);

//In the proto_ reg_ handoff_ccm function

    dissector_handle_t ccm_handle;
    eth_withoutfcs_handle = find_dissector("eth_withoutfcs");

ccm_handle = new_create_dissector_handle(dissect_ccm, proto_ccm); dissector_add("wtap_encap", WTAP_ENCAP_CCM, ccm_handle);

However, when I run wireshark after compiling and open a trace that I have for core to core messages, it shows a blank trace. It says, no packets captured.

Is there a problem with my code?? Please help??

Thanks and Regards, Sidharth

(15 Feb ‘11, 05:44) sid
  1. I suggest that you move this discussion to the [email protected] mailing list. ask.wireshark.org is not really intended for extended discussions.

  2. When writing a dissector, the normal starting point is a specification of the protocol. Is there a specification ? Can you provide a link to same ?

3.If you only have a capture, things get more difficult.

re: “a trace that I have for core to core messages”

What does capinfos say about the trace ?

(Please use [email protected] to continue this discussion).

(15 Feb ‘11, 07:37) Bill Meier ♦♦

Hey Bill, (first, thanks indeed for your time. Really appreciate)

//I am giving you a specification of the protocol. And by the way, I have subscribed to wireshark-dev mailing list. I will move the discussion there. In the meantime, please keep the discussion alive. Thanks. And by the way, I am relatively new to this . So how to find out what capinfos say about the trace??

thanks,

typedef struct nspr_ c2ctrace_v23

{

    NSPR_HEADER3B_V22(c2c); /* long performance header */

u08bits c2c_MsgType_MsgPrio;/* Higher order 4 bits is for Type, Lower Order 4 bits for Priority */ u64bits c2c_AbsTimeHighHdr; /*High resolution absolute time in nanosec*/ u16bits c2c_MsgSizeOrg; u08bits c2c_MsgCoreid; /* Core on which this message captured */ u08bits c2c_Reserved[3]; u08bits c2c_SrcCoreid; u08bits c2c_DestCoreid; u08bits c2c_Message[0];

} nspr_ c2ctrace_ v23_t;

(15 Feb ‘11, 21:19) sid


One Answer:

0

Assuming you can capture into pcap format files, you can use one of the user defined DLT's (147-162). You can set in the Wireshark preferences, in DLT_USER, the relation between this DLT and your protocol dissector.

answered 15 Feb '11, 04:27

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%