This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Custom wireshark dissector plugin: unable to overwrite col_protocol and info

0

Hello,

I have written a custom dissector plugin for internal use and am using "WTAP_ENCAP_USER0" as port. In my dissector, I am setting protocol name and info field using col_set_str function.

But it still shows the entry set in packet-frame.c. The protocol field is displayed as UNKNOWN and info field as WTAP_ENCAP = 45. If I comment out this line in packet-frame.c, then I can see the information and protocol that I set.

How can make my col_set_str to take effect and display my protocol and info instead

asked 01 Feb '17, 13:51

rashmi_s's gravatar image

rashmi_s
11224
accept rate: 0%

To add, I have already configured edit->preferences->DLT_USERS and also see that my protocol is enable in analyze->enabled protocols

(01 Feb '17, 14:35) rashmi_s