Sorry! Forgot to change the subject in my previous post :-(
On 1/29/07, Abhik Sarkar <[EMAIL PROTECTED]> wrote:
> > Date: Sun, 28 Jan 2007 14:57:58 +0800
> > From: Jeff Morriss <[EMAIL PROTECTED]>
> > Subject: Re: [Wireshark-dev] Dissector for Cisco ITP packet logging
> > facility
> >
> > Abhik Sarkar wrote:
> > [...]
> > > Now, since wireshark can already dissect syslog packets and mtp
> > > packets, I thought of combining the two.
> >
> > Cool, I think that would be a useful addition to Wireshark. However I
> > suspect that a separate dissector is not a good idea but your changes
> > would have to be merged into the existing syslog dissector (which
> > appears easy since that's where you started). Could you provide a
> > (small) sample capture file to test with (you could send it to
> > the list or to me privately if you prefer)?
>
> Hi Jeff,
>
> Thanks for the reply. I agree with you... however, since this is the
> first time I am playing around with wireshark code, I did not want to
> "pollute" the code of a stable dissector. However, since paklog isn't
> really a protocol in itself, it would be fine to extend the syslog
> dissector.
>
> I will send you a capture separately (as it might have potentially
> network sensitive information).
>
> I have also been trying to find out a way to get the syslog dissector
> to tell all subsequent dissectors that the byte array was generated
> and not present in the actual capture and hence to mark their protocol
> tree items using the PROTO_ITEM_SET_GENERATED macro, but have so far
> been unsuccessful. Perhaps you have some ideas on this.
>
> Best regards,
> Abhik.
>
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
