Re: [Wireshark-dev] New Protocol encapsulation as plugin

On Jan 27, 2021, at 3:16 AM, Björn wrote: > we use a custom dissector to analyze custom protocol traffic. However, to > further increase the usability, we need to add protocol analysis specific GUI > elements. For now, we are not aware of a way to add a first level plugin > which can be calle

Re: [Wireshark-dev] New Protocol encapsulation as plugin

I was talking about live capture and how to generate statistic plugins for them. USER_DLTs will certainly work in that regard. regards > Am 27.01.2021 um 14:06 schrieb Björn > : > >  > Hello Roland, > > thank you for your answer, but this will not work for me, because i need to > dissect

Re: [Wireshark-dev] Dissector functions and variables that could be static

Even in that tree/version (which is from 9 years ago), packet-xml.c doesn't call the function itself. I don't see any out-of-tree commits to packet-xml.c in the history of that tree. The only file that includes packet-xml.h is packet-xmpp-utils.h (which is included by various XMPP dissectors), but

Re: [Wireshark-dev] New Protocol encapsulation as plugin

Hello Björn, if you goal is to dissect non-pcap custom file it is also possible. You can have wiretap plugin type which reads your data format as packets and then these packets can be dissected with the epan plugin. Best regards,  Tomas -- Původní e-mail -- Od: Björn

Re: [Wireshark-dev] Dissector functions and variables that could be static

Hi, Did some googling out of curiosity and found https://jelmer.uk/klaus/wireshark/blob/e738b556d72d4db5d7df85969c15117dedd0d063/epan/dissectors/packet-xml.c Search for “xml_get_attrib" So it seems it was part of packet-xml.c at some point so perhaps safe to remove… /Anders From: Wireshark

Re: [Wireshark-dev] New Protocol encapsulation as plugin

Hello John, thank you for this idea. This is a way i haven't thought about and this could really be the answer for me, but i have still a problem with my custom dissector. I am not able to find my dissector in the preferences dialog for the DTL_USER link type. I call the register_dissector()

Re: [Wireshark-dev] New Protocol encapsulation as plugin

Hello Roland, thank you for your answer, but this will not work for me, because i need to dissect a first level protocol and couldn't open the file to dissect. But i think, as mentioned by John Thacker, to use the USER_DLT will take function. Best regards, Björn Am 27.01.21 um 12:30 schri

Re: [Wireshark-dev] Dissector functions and variables that could be static

Hi *João,* *I agree that every function / variable needs to be looked at carefully, but more so if they have *WS_DLL_PUBLIC in a header file. I will reinstate the XML functions in my change. Hopefully, in other places I will find clear comments saying that they are provided for calling from priv

Re: [Wireshark-dev] New Protocol encapsulation as plugin

On Wed, Jan 27, 2021 at 6:16 AM Björn < bjoern.peter...@missinglinkelectronics.com> wrote: > Hi, > > we use a custom dissector to analyze custom protocol traffic. However, to > further increase the usability, we need to add protocol analysis specific > GUI elements. For now, we are not aware of a

Re: [Wireshark-dev] Dissector functions and variables that could be static

Hi Martin, As you said some functions may only be used by third party plugins so indiscriminately removing every exported but not used function would be a bad policy. Even if they're not actually being used right now, who knows, they may be part of some public API for plugins, so for use as n

Re: [Wireshark-dev] New Protocol encapsulation as plugin

Hi Björn I realized something similar by implementing a tap interface in the original protocol and a UI using a similar code as in the plugin “pluginifdemo” Would it be possible to go that route? Regards, Roland > Am 27.01.2021 um 12:17 schrieb Björn > : > >  > Hi, > > we use a custom dis

[Wireshark-dev] New Protocol encapsulation as plugin

Hi, we use a custom dissector to analyze custom protocol traffic. However, to further increase the usability, we need to add protocol analysis specific GUI elements. For now, we are not aware of a way to add a first level plugin which can be called through an encapsulation type from a pcap fi

Re: [Wireshark-dev] Dissector functions and variables that could be static

My most recent MR ( https://gitlab.com/wireshark/wireshark/-/merge_requests/1829), has come across some symbols that don't appear to be in used by our repo. dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols file: see diff output below 4934