Hi everyone, I am modifying a dissector plugin which used to work with wireshark version 1.10. But when I try to compile it wireshark 1.12-rc2 source code, it throws error regarding a missing structure element: Figured out that this element is no longer applicable for newer versions of wireshark. But I need to access the ethernet type from the packet I received. But the problem is, I am given the pointer buffer in the dissector just after the ethernet header. So cant use tvb_get_ptr. I used the following 2 functions to add my dissector: My dissector is working properly with the above 2 packet types. But I need to access those 2 packet types (0xABCD and 0xBDEF) to do some internal processing. So I went back to packet-ethertype.c to find out whats going on. Seems like this structure contains the packetype: Can I pass this structure element to my dissector? I tried it, but gives segment fault. Is there any other way to do it? Thanks in advance. asked 30 Jul '14, 13:20  kazi_hasan |
2 Answers:
Create two handles (one for each of the ethertypes) each pointing to a different function and do E.g., xmax_handle_abcd and xmax_handle_bdef answered 30 Jul '14, 13:30  Bill Meier ♦♦ edited 30 Jul '14, 13:35 |
A better/easier way is to use answered 31 Jul '14, 06:29  JeffMorriss ♦ |
Thanks for the reply. Actually I was thinking about this solution, but is there any way to access the packet type from the dissector itself?