Hello, I would first get the code built and try running wireshark. Then, figure out if your protocol runs atop of another protocol. For instance, http runs atop of TCP. Then, use the skeleton code provided. I would first get the minimum code written and see if that builds. Check to see if your proto is registered with wireshark and what not. Then this is where you experiment with all those functions. The best way to know how to use them is to try em and read the readme. I recommend this web page, http://www.codeproject.com/KB/IP/custom_dissector.aspx?fid=433815&df=90&mpp=25&noise=3&sort=Position&view=Quick&select=2259002. Use his code and play with it.
-martin -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luis EG Ontanon Sent: Thursday, June 19, 2008 10:59 AM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Function explanation of WireShark Use the SOUrce young padawan... what about tvbuff.h 2008/6/19 Jiabin Liao <[EMAIL PROTECTED]>: > Hi, > > Recently, I want to write a plug-in for WireShark. But I can do it > smoothly, for I always could not understand the examples in the source > packeg, such as packet-udp.c. The problem is I can find the > explanation of many functions, such as > tvb_reported_length_remaining()ćdissector_try_heuristic(), and so on. README > files do not explain how to use them. > > Where can I find the explanation? > > Jiabin. > _______________________________________________ > Wireshark-dev mailing list > [email protected] > https://wireshark.org/mailman/listinfo/wireshark-dev > > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list [email protected] https://wireshark.org/mailman/listinfo/wireshark-dev _______________________________________________ Wireshark-dev mailing list [email protected] https://wireshark.org/mailman/listinfo/wireshark-dev
