Menu
▾
▴
[tipc-discussion] Subdissectors for Wireshark Plug-in
|
From: Kinahan, W. P S. <WKinahan@SIKORSKY.COM> - 2007-09-13 14:39:01
|
I'm trying to build a dissector plug-in for my protocol which utilizes TIPC. It appears that the current TIPC package for Wireshark doesn't support heuristic subdissectors. Has anyone out there built one of these? Would you be willing to share your solution or suggestions? My goal is to key off the "tipcv2.port_name_type" field which will trigger my dissector. I've tried emulating what I see in the UDP package provided with Wireshark, but I'm unable to get it working. Bill Kinahan Chief Software Architect Sikorsky Aircraft (203)386-3551 Fax (860)998-5575 |