I followed the online example here: http://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html and managed to get my custom dissector working correctly. My results look like this in Wireshark:
Serial Number: 0x0000001a57004eaf
Product ID: Radio Module (3)
Capabilities: Unknown (52)
Is there a way I can format 0x0000001a57004eaf to look like 00:00:00:1a:57:00:4e:af ?
If I can turn the 8 bytes into a string and format it, that might work. I'm just not sure where to stick such a function to make it work with the foo example in the tutorial above. It's all still "magic" to me since I blindly followed the tutorial.
My other problem is the packets have a varying amount of capabilities. The packets can have any amount of capabilities from 1 to 5. Right now, I'm just reading the first capability because I'm not sure how to get the others. Is there a way to loop to the end of the packet, then proto_tree_add_item the entire array of capabilities? I'd like the capabilities to be on one line, if possible, like this: Capabilities: Human (4), Mobile (3), Trackable (1)
But even if they have to be on separate lines, I still need a way to loop through a varying amount of capabilities.
asked 31 Jul '13, 08:21
edited 31 Jul '13, 08:35
You might get away with calling
Assuming you know the length of your overall message and the length of each of your capability items, just loop over them reading data from the tvb, adding the item to the tree and incrementing your byte count (the variable offset in most cases) until the byte count you have read matches the total message length.
answered 31 Jul '13, 09:09
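The loop described in the answer, together with the colon-separated serial format asked about, as an added stand-alone C example (not code from the original posts or from Wireshark). It assumes a 1-byte product ID and 1-byte capabilities, which the page does not state, and uses a plain byte buffer where a dissector would read from the tvb; every read and write is length-checked so a truncated or oversized packet is rejected instead of overrunning a buffer.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SERIAL_LEN 8   /* 8-byte serial number, as in the question */
#define HDR_LEN    9   /* assumption: serial + 1-byte product ID */
#define MAX_CAPS   5   /* the question says 1 to 5 capabilities */

/* Constructed sample: serial, product ID 3, capabilities 4, 3, 1. */
static const uint8_t sample_pkt[] = {
    0x00, 0x00, 0x00, 0x1a, 0x57, 0x00, 0x4e, 0xaf, 0x03, 0x04, 0x03, 0x01 };

/* Names taken from the sample output in the question. */
static const char *cap_name(uint8_t v) {
    switch (v) {
    case 1:  return "Trackable";
    case 3:  return "Mobile";
    case 4:  return "Human";
    default: return "Unknown";
    }
}

/* Render the serial as colon-separated hex. Returns 0, or -1 if the
 * packet is too short or the output buffer cannot hold 24 bytes. */
int format_serial(const uint8_t *pkt, size_t len, char *out, size_t outsz) {
    if (len < SERIAL_LEN || outsz < SERIAL_LEN * 3) return -1;
    for (size_t i = 0; i < SERIAL_LEN; i++)
        snprintf(out + i * 3, outsz - i * 3,
                 i + 1 < SERIAL_LEN ? "%02x:" : "%02x", pkt[i]);
    return 0;
}

/* Loop from the end of the fixed header to the end of the packet, one
 * byte per capability. Returns the count, or -1 for a malformed packet. */
int format_caps(const uint8_t *pkt, size_t len, char *out, size_t outsz) {
    size_t offset = HDR_LEN, used = 0;
    int count = 0;
    if (len <= HDR_LEN || len - HDR_LEN > MAX_CAPS || outsz == 0) return -1;
    while (offset < len) {
        uint8_t v = pkt[offset++];
        int n = snprintf(out + used, outsz - used, "%s%s (%u)",
                         count ? ", " : "", cap_name(v), (unsigned)v);
        if (n < 0 || (size_t)n >= outsz - used) return -1; /* no room */
        used += (size_t)n;
        count++;
    }
    return count;
}
```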