i have implemented a sniffer in an fpga that captures the data packets 
on a RS-485 token network, packs them into ethernet packets, and sends 
them to a workstation. my idea now is to write a plugin for wireshark 
that analyzes these packets. i have already downloaded c++ compiler, 
wireshark source code, and anything else (like explained in the 
developer guide) and managed to build wireshark. but i'm struggling 
with my own dissector and need someone's help.

according to chapter 9.2 (Adding a basic dissector) in this guide or 
chapter 1.2 (Skeleton code) in the README file, the dissector has to be 
associated with some parent subfield (in the example this is 
"udp.port"). i'm sending raw ethernet packets (no TCP/IP or UDP 
protocol and therefore no ports), so how do i have to use the 
dissector_add() function? i couldn't find a manual to all these 
functions and hope that someone has experience in writing a plugin for 
a "user protocol"

thanks for the help
lukas

p.s.
maybe it helps to give you my ethernet frame format:
6 bytes dest. address
6 bytes source address
2 bytes length
19 bytes data
27 bytes 0x00 (so that the ethernet frame is large enough)
4 bytes FCS
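
An added example, not part of the original post and not Wireshark code: a stand-alone C parser for the 64-byte frame layout listed above, with the bounds, padding and FCS checks a dissector would need before trusting captured bytes. It assumes the length field is big-endian and counts the data bytes, and that the capture buffer still contains the FCS; all names (`parse_frame`, `rs485_frame`, `build_sample`) and the sample frame contents are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_LEN   14   /* 6 dest + 6 source + 2 length */
#define PAYLOAD   46   /* 19 data + 27 zero padding */
#define FRAME_LEN 64   /* header + payload + 4 FCS */

struct rs485_frame { uint8_t dst[6], src[6]; uint16_t len; const uint8_t *data; };

/* CRC-32 as used for the Ethernet FCS (reflected, polynomial 0xEDB88320). */
static uint32_t crc32_eth(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* Returns 0 on success, negative on a malformed frame. Never reads past n. */
int parse_frame(const uint8_t *f, size_t n, struct rs485_frame *out) {
    if (n != FRAME_LEN) return -1;                 /* fixed-size frame */
    memcpy(out->dst, f, 6);
    memcpy(out->src, f + 6, 6);
    out->len = (uint16_t)((f[12] << 8) | f[13]);   /* assumed big-endian */
    if (out->len > PAYLOAD) return -2;             /* length exceeds payload area */
    for (size_t i = HDR_LEN + out->len; i < HDR_LEN + PAYLOAD; i++)
        if (f[i] != 0) return -3;                  /* padding must be 0x00 */
    uint32_t fcs = (uint32_t)f[60] | (uint32_t)f[61] << 8 |
                   (uint32_t)f[62] << 16 | (uint32_t)f[63] << 24;
    if (crc32_eth(f, 60) != fcs) return -4;        /* FCS mismatch */
    out->data = f + HDR_LEN;
    return 0;
}

/* Constructed sample frame (made-up addresses and data bytes). */
void build_sample(uint8_t f[FRAME_LEN]) {
    memset(f, 0, FRAME_LEN);
    memset(f, 0xFF, 6);                            /* broadcast destination */
    f[6] = 0x02; f[11] = 0x01;                     /* locally administered source */
    f[13] = 19;                                    /* length = 19 data bytes */
    for (int i = 0; i < 19; i++) f[HDR_LEN + i] = (uint8_t)(i + 1);
    uint32_t c = crc32_eth(f, 60);
    for (int i = 0; i < 4; i++) f[60 + i] = (uint8_t)(c >> (8 * i));
}
```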
