I was using a a user defined DLT (147).
Additionally, I tried the following test:
Step1:
In the dissector, I added the following code:
dissector_add("tcp.port", 10001, fooHandle);
Step 2:
I took a sample hex dump of my message and converted to pcap using text2pcap
e.g. : %text2pcap -l 147 myMsg.txt myMsg.pcap
Step3:
I then tried adding an entry to decode DLT 147 with the custom "Foo" dissector
(Edit->Preferences->Protocols>DLT_USER->Edit Encapsulations Table
However, wireshark was unable to find my dissector (although it is registered).
The above works when I use the following:
%text2pcap -T 10001,10001 myMsg.txt myMsg.pcap
However, I don't want the TCP headers added.
Any ideas on how to get this working with a user defined DLT? Thanks,
--Mahesh
_________________________________________________________________
Insert movie times and more without leaving HotmailĀ®.
http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd_062009___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
