Hi all, I have a packet in hex string format, how do i create the three data format required (tvb, pinfo and tree) in order to pass it to a dissector? I have come across this mail and thought of using the function Any help and guidance is appreciated. Thank you Regards, Eddie Choo asked 03 Aug '11, 03:12  eddie choo edited 04 Aug '11, 16:15  helloworld |
One Answer:
How is your dissector called? I.e., is it called from TCP, UDP, its own data link type, or some other method? If you can convert the hex string to a format answered 04 Aug '11, 09:42  Gerald Combs ♦♦ Hi Gerald, basically my task is to design a program which filters massive real time packets with high speed. So i thought of minimizing the dissectors, by modifying them to suit my needs. My input will be hex string and i dont need the whole dissector to dissect my packet as the criteria of my filters are only limited to 1 information field. My temporary solution is to modify the Eddie Choo (04 Aug '11, 19:25) eddie choo |
Can you clarify? What do you mean by "you have a packet in hex string format? Can you supply an example packet/file/whatever?
03b1682daa0980030e160b129500120426180610030208120600120456497341623f4 804ba1411b66b1e281c060700118605010101a011600f80020780a1090607040000010 002036c17a115020100020103a30d040825054373236300f50a0100Here you goWhere does this data come from - a .pcap file, a text file, or somewhere else?
I got this raw hex string from other sources, and i need to feed it directly into the dissector.