This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

tcp options ( how to make a separate DLL )

0

HI,

I have written few lines of code to dissect tcp options ( ORBITAL_META_OPTION 0x18 Citrix-BR add this option) and it is working perfectly.

I modified packet-tcp.c (wireshark\epan\dissectors\packet-tcp.c)

  • first i added required information in static const ip_tcp_opt tcpopts[] and static hf_register_info hf[]
  • then my own dissector function to dissect ORBITAL_META_OPTION ( 0x18)

But the problem is, if someone want to see these feature he has to use my Wireshark ( compiled by me ).

Now my manager suggested me to write a separate dissector and then DLL ( because DLL can be distributed easily).

Now my final aim is to make a DLL. How should i do ???

Regards,

asked 29 Aug '11, 23:32

Vikas's gravatar image

Vikas
1223
accept rate: 0%

edited 30 Aug '11, 12:57

helloworld's gravatar image

helloworld
3.1k42041

Distributing a DLL is easier than a customized Wireshark build, but maintaining a DLL release could be somewhat painful. DLLs must be compiled against a specific Wireshark version. So, a DLL for 1.4.6 won't necessarily run on 1.6.1 (or vice versa), and this version mismatch can cause Wireshark to fail. Every time Wireshark releases a new version, you have to recompile your DLL to ensure compatibility.

Consider writing a dissector with the Wireshark Lua API, which does not have this problem.

(30 Aug '11, 12:56) helloworld

One Answer:

1

packet-tcp is a built in dissector and can't be replaced with a DLL.

To get your changes included in Wireshark for general distribution see the Developers Guide section 3.9.2 HERE which basically asks you to raise an enhancement request on Bugzilla and attach your changes as a patch for review.

answered 30 Aug '11, 00:36

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%