Hi, I have written a few lines of code to dissect TCP options (ORBITAL_META_OPTION 0x18; Citrix-BR adds this option) and it is working perfectly. I modified packet-tcp.c (wireshark\epan\dissectors\packet-tcp.c).
But the problem is, if someone wants to see this feature he has to use my Wireshark (compiled by me). Now my manager suggested that I write a separate dissector and then a DLL (because a DLL can be distributed easily). Now my final aim is to make a DLL. How should I do it? Regards,
asked 29 Aug '11, 23:32 Vikas, edited 30 Aug '11, 12:57 helloworld
One Answer:
packet-tcp is a built-in dissector and can't be replaced with a DLL. To get your changes included in Wireshark for general distribution, see the Developers Guide section 3.9.2 HERE, which basically asks you to raise an enhancement request on Bugzilla and attach your changes as a patch for review.
answered 30 Aug '11, 00:36 grahamb ♦
Distributing a DLL is easier than a customized Wireshark build, but maintaining a DLL release could be somewhat painful. DLLs must be compiled against a specific Wireshark version. So, a DLL for 1.4.6 won't necessarily run on 1.6.1 (or vice versa), and this version mismatch can cause Wireshark to fail. Every time Wireshark releases a new version, you have to recompile your DLL to ensure compatibility.
Consider writing a dissector with the Wireshark Lua API, which does not have this problem.
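
The Lua route suggested above, as an added example that is not code from any of the posters or from the Wireshark project: a post-dissector that walks the TCP options area and surfaces option kind 0x18. The protocol name `orbital_example` and its field names are hypothetical, the option's payload layout is not given on this page so it is shown as undecoded bytes, and the script assumes a Wireshark version whose Lua API exposes `FieldInfo.range`.

```lua
-- Added example: post-dissector that surfaces TCP option kind 0x18.
-- "orbital_example" and its field names are hypothetical, made up for this sketch.
local OPTION_KIND = 0x18   -- ORBITAL_META_OPTION, value taken from the question

-- Field extractor for the raw options area of the TCP header.
local tcp_options = Field.new("tcp.options")

local proto  = Proto("orbital_example", "Orbital Meta Option (example)")
local f_len  = ProtoField.uint8("orbital_example.length", "Option length", base.DEC)
local f_data = ProtoField.bytes("orbital_example.data", "Option data (undecoded)")
proto.fields = { f_len, f_data }

function proto.dissector(tvb, pinfo, tree)
    local finfo = tcp_options()
    if not finfo then return end          -- packet carries no TCP options
    local opts  = finfo.range             -- TvbRange covering the options bytes
    local total = opts:len()
    local off   = 0
    while off < total do
        local kind = opts:range(off, 1):uint()
        if kind == 0 then break end       -- End of Option List
        if kind == 1 then                 -- NOP: single byte, no length field
            off = off + 1
        else
            if off + 1 >= total then break end              -- truncated: no length byte
            local len = opts:range(off + 1, 1):uint()
            if len < 2 or off + len > total then break end  -- malformed length, stop
            if kind == OPTION_KIND then
                local sub = tree:add(proto, opts:range(off, len))
                sub:add(f_len, opts:range(off + 1, 1))
                if len > 2 then
                    -- Payload layout is not described on this page: show raw bytes.
                    sub:add(f_data, opts:range(off + 2, len - 2))
                end
            end
            off = off + len
        end
    end
end

-- Runs after the built-in dissectors, so packet-tcp.c stays unmodified.
register_postdissector(proto)
```

Saved as a `.lua` file, the script can be loaded with `wireshark -X lua_script:<file>` and needs no recompilation when Wireshark is upgraded.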