Hi all, i want to build my own protocol which will run over SCTP. But during the message encode-decode, i want to see those packets in Wireshark to debug my protocol stack. Is there any way to add my customized protocol by which i can see those decoded packets in Wireshark? I'm using Wireshark of version 1.10.1. asked 29 Jun '15, 09:16 baila |
One Answer:
Looking at the current master sctp dissector (which may be somewhat different to the old 1.10.1 version) a dissector can register with the sctp dissector either on a specific port or with a payload identifier (which must be different from those currently supported) or as a heuristic dissector. The dissector for your protocol can definitely be written in C, and possibly in Lua, but I'm not sure how good the Lua support is in your old version. The Developers Guide (for master, I'm not sure if a 1.10.x version is available) along with the README.xxx files in the doc directory of the source files gives details of writing C dissectors. You may find it easier to move to a more current version, as support for 1.10.x ended on 5th June 2015. answered 29 Jun '15, 09:44 grahamb ♦ |