custom block and custom options

yaroni
1 ●1 ●3 ●5

I want to write a custom block in a pcapng file, that will be in json format.
I want the user to be able to filter messages by json key.

I can't find an example of a full dissector written that use register_pcapng_block_type_handler

Should i use the json dissector that already exist in wireshark as used in couchbase?

I also need to write json as custom options, in case we have a packet to write.
In this case the dissector should use register_pcapng_option_handler.

Comments

Might be out of date, but have you seen this wiki page?

grahamb ( 2020-06-23 13:13:50 +0000 )edit

yes i saw it, What about the question using the json dissector. And it is not full example.

yaroni ( 2020-06-23 13:32:29 +0000 )edit

@grahamb Does wireshark support custom block as specified in pcapng?

yaroni ( 2020-06-28 17:48:59 +0000 )edit

As per the Wiki page, there appears to be support, but I'm not aware of any examples of it being used.

grahamb ( 2020-06-28 19:53:29 +0000 )edit

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account.