Ask Your Question
0

Dissector: register a name for a ethertype

asked 2021-09-03 12:01:25 +0000

doragasu gravatar image

updated 2021-09-06 06:27:04 +0000

I am making a new dissector, that is triggered on an specific ethertype. I register it like this:

```c

static dissector_handle_t foo_handle;

foo_handle = create_dissector_handle(dissect_foo_sos, proto_foo_sos);
dissector_add_uint("ethertype", FOO_PROTO_ETHERTYPE, foo_handle);

```

The dissector works great, but when browsing the capture, the llc.type type corresponding to the ethertype I am parsing, is shown as Type: Unknown (0x1234).

Is there a way to register a protocol name for this specific ethertype?

edit retag flag offensive close merge delete

Comments

Is that really your code? The "foo"s and the "wiyo"s don't seem to match up.

See the end of packet-aarp.c for a simple example.

Chuckc gravatar imageChuckc ( 2021-09-03 14:57:16 +0000 )edit

No, sorry, I have corrected it.

doragasu gravatar imagedoragasu ( 2021-09-06 06:27:19 +0000 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2021-09-03 20:51:12 +0000

Guy Harris gravatar image

You'd have to modify the etype_vals[] table in epan/dissectors/packet-ethertype.c and recompile Wireshark; unfortunately, there's currently no way for code outside Wireshark to add entries to that table.

edit flag offensive delete link more

Comments

Oh, that's unfortunate I cannot do it inside the dissector plugin. Thanks for digging into it!

doragasu gravatar imagedoragasu ( 2021-09-06 06:28:55 +0000 )edit
0

answered 2021-09-03 12:52:20 +0000

hugo.vanderkooij gravatar image

A quick dig around seems to indicate that you need to go for the source code. I found the ethertypes listed in an include file but no reference to a config file to add your own.

edit flag offensive delete link more

Comments

Too bad there is not an interface for plugins. Thanks!

doragasu gravatar imagedoragasu ( 2021-09-06 06:29:13 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2021-09-03 12:01:25 +0000

Seen: 99 times

Last updated: Sep 06