Re: [Wireshark-dev] Data from previous protocol

Sun, 11 Mar 2007 06:23:53 -0800 

looks promising, but:

        GString *error_string;
        gchar *temp;
        temp=(gchar *)g_malloc(10);
        sprintf(temp,"hello");
        error_string=register_tap_listener("ip", temp, "ip.version ==
4",myreset,mypacket,mydraw);
        
        if(error_string){
                fprintf(stderr, "Couldn't register ipsec 
%s\n",error_string->str);
                g_free(temp);
                g_string_free(error_string,TRUE);
                exit(1);
        }


drops runtime with:

Err  file syntax-tree.c: line 81 (sttype_lookup): assertion failed:
(result != NULL)

any idea why?

thanks,

On 3/11/07, ali alkhalidi <[EMAIL PROTECTED]> wrote:
> well, I'm trying to to verify an AH packet. I've pretty much
> structured the dissector but still I need the IP header information to
> compile a buffer along with the rest of the payload to verification
> module.
>
> I'm reading the README.tapping file right now, but was hoping to do it
> without touching the IP dissector
>
> thanks
>
> On 3/11/07, Richard van der Hoff <[EMAIL PROTECTED]> wrote:
> > ali alkhalidi wrote:
> > > the protocol I want data from is IP, and I'm intrested in at least the
> > > least 20 bytes (a normal non-fragmented IP datagram) of it, things
> > > that cover the basic things like packet-id, payload length, etc.
> >
> > The raw data isn't available to subdissectors. That's just not the way
> > Wireshark is designed to work - decoding the raw IP data should be done
> > once, by the IP dissector.
> >
> > Much of the data in the header is actually available; the source and
> > destination IP addresses are in pinfo->net_src and pinfo->net_dst; if
> > you need more, you may need to think about modifying the IP dissector.
> >
> > Have you considered registering an IP tap (see README.tapping)?  Such
> > taps are passed all the header information in an e_ip structure.
> >
> > Otherwise, I suggest you explain a bit more about what end result you
> > are trying to achieve.
> > _______________________________________________
> > Wireshark-dev mailing list
> > [email protected]
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
>
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Reply via email to