You have a new link-layer, the HTTP-request link-layer. You'd have to support that in wiretap, so that wiretap can pass wireshark this data.
Then set things up so that the frame dissector in packet-frame.c calls your http_request dissector when the HTTP-request link-layer is seen. I suspect you'll also need a new file format, or at least a modified one, to be supported in wiretap. --gilbert On 8/30/06, Michael <[EMAIL PROTECTED]> wrote: > Hi, > > For a project, I need to be able to dissect an application stream, of > say, http. So I have e.g. the http-request (*not* the headers of the > underlying protocols), and I would like to be able to dissect this > request into a tree (which I imagine the dissect_http function would > create). This requires a different entry in the dissection mechanism > (different than providing a fully headered packet using a capture file > as is normally done). > > I can imagine this is done before, but I can't find it. If not, would > this be possible in your opinion? Or can someone give me a hint how to > start. The problem is that the complexity of (t)ethereal/wireshark makes > it difficult to now where to start. Maybe a very simple example of a > program which dissects a packet (then i could be able to find out how to > hack it into my preference). Tethereal is already quite complex for me... > > Michael > _______________________________________________ > Wireshark-dev mailing list > [email protected] > http://www.wireshark.org/mailman/listinfo/wireshark-dev > > _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
