i have ByteArray of TCP payload (diameter message),(using getByteArray API on Diameter request message) now i want to dissect and print the diameter data. i have looked into the code of wireshark, could not find any way to do it. please suggest some way to do it. thanks asked 25 Mar '14, 04:44  Sanny_D |
2 Answers:
have done it using wireshark dissector code. answered 04 Apr '14, 08:16 Sanny_D hm.. answering your own question with a status update and accepting that, isn't exactly how this site works. Please read the FAQ: (04 Apr '14, 08:58) Kurt Knochner ♦ dint find this in faq, well,i it did on purpose, so that it can help others, (04 Apr '14, 09:23) Sanny_D |
as I see it, you have the following options:
Regards answered 27 Mar '14, 11:59  Kurt Knochner ♦ thanks kurt! what i am trying to do is , calling dissect_diameter_tcp (tvb,pinfo, tree)) API with each argument initialized with required values, is this correct approach, i am not sure if i can populate these structures with correct values. (30 Mar '14, 22:16) Sanny_D |
What's wrong with the built in dissector? You can add your own .xml files to dissect vendor AVPs.
my question did not sound clear, sorry for that.
i am not using wireshark directly,actually, i have written a C code to dissect network packet,
on the C++ Diameter request object i called getByteArray API and stored it in a memory area, clearly it doesnt contain ether,ip,tcp/udp header information.
now i want to dissect this ByteArray using wireshark API.
how to do it.
See if I got this right, you have extracted the bytes of a Diameter PDU into a buffer in your program and now you want to use Wiresharks code as a library to "dissect" these bytes by calling some API in libwireshark? I'm not sure that would be trivial.
this is exactly what i want to do. using libwireshark i have done dissection of pcap packets (whole) before, but coudnt find a way to directly dissect ByteArray. is this possible