Ask Your Question
0

Why is registering dissector w/(WTAP_ENCAP_USER0) in code not working?

asked 2020-02-25 00:14:31 +0000

NetBank gravatar image

updated 2020-02-25 19:25:00 +0000

Guy Harris gravatar image

The plugin shows up under Enabled Protocols.. However, the packet columns; protocol, source, destination, and info are blank.

It never enters dissect_con15 function..

This code was never modified and it worked for Wireshark v3.0.8. When I was required to build v3.2.1 it hasn't worked since.

Has there been any changes that relate to the WTAP_ENCAP_USER0 encapsulation?

edit retag flag offensive close merge delete

Comments

Register-handoff routine:

void proto_reg_handoff_con15(void) {

            dissector_handle_t con15_handle;

            con15_handle = create_dissector_handle(dissect_con15, proto_con15);
            dissector_add_uint("wtap_encap",WTAP_ENCAP_USER0,con15_handle);
        }
NetBank gravatar imageNetBank ( 2020-02-25 00:15:19 +0000 )edit

Register routine:

void proto_register_con15(void)
    {

        module_t *con15_module;
        proto_con15 = proto_register_protocol("con15 Protocol",
                                                "con15",
                                                "con15");

        proto_register_field_array(proto_con15, hf, array_length(hf));
        proto_register_subtree_array(ett, array_length(ett));

        con15_module = prefs_register_protocol(proto_con15, NULL);

        con15_address_type = address_type_dissector_register("AT_CON15", "CON 15 Address", con15_addr_to_str, con15_addr_str_len, NULL, NULL, NULL, NULL, NULL);

        con15_dissector_table = register_dissector_table("con15.addr",
            "CON 15", proto_con15, FT_UINT8, BASE_DEC);
    }
NetBank gravatar imageNetBank ( 2020-02-25 00:19:40 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-02-25 15:10:34 +0000

Anders gravatar image

I think the problem is that the user dlt dissector owerrides your registration. Remove that line and register your disector by name register_dissector("con15", dissect_con15, proto_con15); then use edit->preferenses->protocols->DLT_USER and add your protocol name for User 0.

edit flag offensive delete link more

Comments

Thanks so much, Anders! This wasn't necessarily the solution, but it DEFINITELY helped me track down the issue.

There was another plugin using the WTAP_ENCAP_USER0... It was from an old plugin I wrote that I must have included when I CMake the new 3.2.1 Wireshark.

As soon as i found it, it worked perfectly. Don't need to resort to using DLT_USER, either.

NetBank gravatar imageNetBank ( 2020-02-25 18:21:33 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2020-02-25 00:14:31 +0000

Seen: 171 times

Last updated: Feb 25