On Fri, Dec 28, 2007 at 10:47:57AM +0100, warlord wrote:
> So all I am looking for now is a very simple example dissector which I
> can compile and use in Linux. I hope/suppose I can find my way from
> there. I do realize I can look at all the folders in trunk/, but they
> seem to usually contain a gazillion lines of code. I'd prefer a
> smaller example.

I would highly recommend trying to create a built-in dissector instead of a plug-in, at least for your first attempts, as it is much simpler to do.

Either start with the dissector code in README.developer (starting with the "Cut here" text) or copy a simple dissector such as LLT to a new name, replacing <proto> with the name of your dissector.

    cp epan/dissectors/packet-llt.c epan/dissectors/packet-<proto>.c

Then add packet-<proto>.c to epan/dissectors/Makefile.common under CLEAN_DISSECTOR_SRC (note that it's in alphabetical order). Then run make again and your dissector will be included.

> My intention is to add a completely different set of functionality to
> Wireshark, which could be quite useful for a bigger bunch of people.

Great! Remember that dissectors only interpret protocols; if you want to add new GUI functionality to Wireshark, for example, we'll need to show you a different set of sample files to go off of.

Steve
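
The copy and Makefile.common steps described in the message above, scripted as an added example (not part of the original message and not Wireshark project code). The function names, the one-file-per-line list layout and the sample tree built by make_sample_tree are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: script the copy + Makefile.common steps from the message above.
# Assumption: the list has one file per line, written "<TAB>name<TAB>\".

# add_to_list MAKEFILE FILE: insert FILE into CLEAN_DISSECTOR_SRC, kept sorted.
add_to_list() {
    mk=$1 new=$2
    # Idempotent: nothing to do if FILE is already listed.
    awk -v f="$new" '$1 == f { hit = 1 } END { exit !hit }' "$mk" && return 0
    LC_ALL=C awk -v new="$new" '
        /^CLEAN_DISSECTOR_SRC/ { in_list = 1; print; next }
        # First entry that sorts after the new file: insert just before it.
        in_list && !done && NF && ($1 "") > new { print "\t" new "\t\\"; done = 1 }
        # A line without a trailing backslash ends the list.
        in_list && !/\\[ \t]*$/ {
            in_list = 0
            if (!done && NF) {   # new file sorts last: it takes over the list end
                print "\t" $1 "\t\\"; print "\t" new; done = 1; next
            }
            if (!done) { print "\t" new "\t\\"; done = 1 }
        }
        { print }
        END { exit !done }       # fail if the list was never found
    ' "$mk" > "$mk.tmp" && mv "$mk.tmp" "$mk"
}

# new_dissector SRCDIR PROTO: copy the LLT dissector and register the copy.
new_dissector() {
    dir=$1/epan/dissectors file=packet-$2.c
    [ -e "$dir/$file" ] && { echo "$file already exists" >&2; return 1; }
    cp "$dir/packet-llt.c" "$dir/$file" &&
        add_to_list "$dir/Makefile.common" "$file"
}

# make_sample_tree: constructed stand-in for a source checkout (not real files).
make_sample_tree() {
    t=$(mktemp -d) && mkdir -p "$t/epan/dissectors" || return 1
    echo '/* constructed placeholder */' > "$t/epan/dissectors/packet-llt.c"
    printf 'CLEAN_DISSECTOR_SRC = \\\n\tpacket-llc.c\t\\\n\tpacket-llt.c\t\\\n\tpacket-lmi.c\n\nOTHER_SRC = \\\n\tpacket-x.c\n' \
        > "$t/epan/dissectors/Makefile.common"
    echo "$t"
}
```

Run from the top of a source tree as `new_dissector . <proto>`, then run make as the message says.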
