This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi,

I have just registered the plugin. But I am not sure if the dissector function is getting called. First of all is there any way to debug through logs or any other method while developing plugin.

void
proto_reg_handoff_c2c(void)
{
  static gboolean initialized = FALSE;
  static dissector_handle_t c2c_handle;
  static dissector_handle_t raw_user_handle;
  static dissector_handle_t sll_user_handle;
  static guint c2c_ethertype;
  static guint c2c_ethertype2;

  if (!initialized) {
    c2c_handle = create_dissector_handle(dissect_c2c, proto_c2c);
    raw_user_handle = create_dissector_handle(dissect_raw_user, proto_c2c);
    sll_user_handle = create_dissector_handle(dissect_sll_user, proto_c2c);
    dissector_add_handle("ethertype", c2c_handle);
//    dissector_add("wtap_encap", WTAP_ENCAP_RAW_IP, find_dissector("user_dlt"));

    // The following two are needed to hook up the hacks for the wave-raw interface to wireshark
    // by taking over the RAW and SLL encapsulations.
    // This could cause trouble with "real" RAW or SLL captures, but can be simply fixed by deactivating the plugin.

    dissector_add("wtap_encap", WTAP_ENCAP_RAW_IP, raw_user_handle);
    dissector_add("wtap_encap", WTAP_ENCAP_SLL, sll_user_handle);

    initialized = TRUE;
  } else {
    if (c2c_ethertype != 0) {
      dissector_delete("ethertype", c2c_ethertype, c2c_handle);
    }
    if (c2c_ethertype2 != 0) {
      dissector_delete("ethertype", c2c_ethertype2, c2c_handle);
    }
  }
  if (global_c2c_ethertype != 0) {
    dissector_add("ethertype", global_c2c_ethertype, c2c_handle);
  }
  if (global_c2c_ethertype2 != 0) {
    dissector_add("ethertype", global_c2c_ethertype2, c2c_handle);
  }
  c2c_ethertype = global_c2c_ethertype;
  c2c_ethertype2 = global_c2c_ethertype2;
}

The code has been provided. I have to add more dissectors. It is mentioned here that ethertype packets are going to be handled. I am not sure because I am passing the logs and I dont see anything shown in wireshark application. Please anyone could help me in this.

asked 28 May '14, 04:30

Amit%20Bhanja's gravatar image

Amit Bhanja
11224
accept rate: 0%

edited 28 May '14, 04:40

grahamb's gravatar image

grahamb ♦
19.8k330206

You know you can have your code visualised as code by indenting it with 4 spaces? (This makes it way easier to read)

(28 May '14, 04:37) xtofl

Or by highlighting the code in question and hitting the "code" format button, or by adding the < code >< /code > tags around the code.

Keeps me busy though reformatting all the stuff.

(28 May '14, 04:42) grahamb ♦

Thanks for the comment, I will keep this in mind for the next time.

(28 May '14, 04:53) Amit Bhanja
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×1,620
×637
×173

question asked: 28 May '14, 04:30

question was seen: 1,608 times

last updated: 28 May '14, 04:53

p​o​w​e​r​e​d by O​S​Q​A