This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

New Plugin development

0

Hi,

I have just registered the plugin. But I am not sure if the dissector function is getting called. First of all is there any way to debug through logs or any other method while developing plugin.

void
proto_reg_handoff_c2c(void)
{
  static gboolean initialized = FALSE;
  static dissector_handle_t c2c_handle;
  static dissector_handle_t raw_user_handle;
  static dissector_handle_t sll_user_handle;
  static guint c2c_ethertype;
  static guint c2c_ethertype2;

if (!initialized) {
c2c_handle = create_dissector_handle(dissect_c2c, proto_c2c);
raw_user_handle = create_dissector_handle(dissect_raw_user, proto_c2c);
sll_user_handle = create_dissector_handle(dissect_sll_user, proto_c2c);
dissector_add_handle("ethertype", c2c_handle);
//    dissector_add("wtap_encap", WTAP_ENCAP_RAW_IP, find_dissector("user_dlt"));


// The following two are needed to hook up the hacks for the wave-raw interface to wireshark
// by taking over the RAW and SLL encapsulations.
// This could cause trouble with "real" RAW or SLL captures, but can be simply fixed by deactivating the plugin.

dissector_add("wtap_encap", WTAP_ENCAP_RAW_IP, raw_user_handle);
dissector_add("wtap_encap", WTAP_ENCAP_SLL, sll_user_handle);

initialized = TRUE;



} else {
if (c2c_ethertype != 0) {
dissector_delete("ethertype", c2c_ethertype, c2c_handle);
}
if (c2c_ethertype2 != 0) {
dissector_delete("ethertype", c2c_ethertype2, c2c_handle);
}
}
if (global_c2c_ethertype != 0) {
dissector_add("ethertype", global_c2c_ethertype, c2c_handle);
}
if (global_c2c_ethertype2 != 0) {
dissector_add("ethertype", global_c2c_ethertype2, c2c_handle);
}
c2c_ethertype = global_c2c_ethertype;
c2c_ethertype2 = global_c2c_ethertype2;
}

The code has been provided. I have to add more dissectors. It is mentioned here that ethertype packets are going to be handled. I am not sure because I am passing the logs and I dont see anything shown in wireshark application. Please anyone could help me in this.

asked 28 May ‘14, 04:30

Amit%20Bhanja's gravatar image

Amit Bhanja
11224
accept rate: 0%

edited 28 May ‘14, 04:40

grahamb's gravatar image

grahamb ♦
19.8k330206

You know you can have your code visualised as code by indenting it with 4 spaces? (This makes it way easier to read)

(28 May ‘14, 04:37) xtofl

Or by highlighting the code in question and hitting the “code” format button, or by adding the < code >< /code > tags around the code.

Keeps me busy though reformatting all the stuff.

(28 May ‘14, 04:42) grahamb ♦

Thanks for the comment, I will keep this in mind for the next time.

(28 May ‘14, 04:53) Amit Bhanja