Ask Your Question
0

Add input parameter to tshark/sharkd

asked 2020-04-26 06:14:00 +0000

yaroni gravatar image

updated 2020-04-26 15:57:16 +0000

I want to add an input parameter to tshark command line and to sharkd as json.

For example:

tshark -new_param_name=new_param_value

In sharkd it will be a new parameter in json file

I want to be able to use these new_param_name/new_param_value in a dissector code ( for example epan/dissectors/packet-gsm_map.c)

What is the correct way to add this parameter in wireshark code? Is there an include file with all global parameters, or special struct defined for this purpose?

Answer: I found that this is the way to send the parameter from command line tshark -o "gsm_sms.new_parameter_name: TRUE"

And in code for example in dissector packet-gsm_map.c prefs_register_bool_preference(gsm_sms_module, "new_parameter_name", "new parameter name", "new parameter description", &global_variable_definition);

My new question is how do i add a parameter that is available by all dissectors ? I want to pass tshark -o "new_parameter_name: TRUE"
without the dissector so it can be used by different dissector, it is relevant to different dissector

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-04-26 07:03:36 +0000

Jaap gravatar image

They way to influence dissectors is to setup or add to the dissector preferences for that dissector. This exposes the setting to the command line as -o <name>:<value>, where name is the preference name, such as protocol.pref_name and value the value of the type of the preference.

edit flag offensive delete link more

Comments

Thank you for your answer

  1. So i don't need to add code in the tshark.c?
  2. How do i refer to it in the dissector code?
  3. The preference i want to add is general, not specific to a special decoder.
yaroni gravatar imageyaroni ( 2020-04-26 07:07:39 +0000 )edit

My new question is how do i add a parameter that is available by all dissectors ? I want to pass tshark -o "new_parameter_name: TRUE"
without the dissector so it can be used by different dissector, it is relevant to different dissector

yaroni gravatar imageyaroni ( 2020-04-26 15:57:36 +0000 )edit

a parameter that is available by all dissectors ?

I.e., this parameter will be relevant to every single dissector in Wireshark, and every single dissector that will ever be added to Wireshark? Or is it just relevant to a small set of dissectors?

Guy Harris gravatar imageGuy Harris ( 2020-04-28 18:16:36 +0000 )edit

Multiple not all dissectord. But I want user to set only one parameter in preference. And not to set multiple parameter.

yaroni gravatar imageyaroni ( 2020-04-28 22:33:02 +0000 )edit

What are the dissectors? Perhaps the best way to do it is to have a preference for one dissector and have other dissectors look at it.

Guy Harris gravatar imageGuy Harris ( 2020-04-28 23:35:52 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2020-04-26 06:14:00 +0000

Seen: 575 times

Last updated: Apr 26 '20