On 11/25/2014 01:48 PM, Guy Harris wrote:
>
> On Nov 24, 2014, at 5:39 PM, Andy Howell wrote:
>
>> I'm writing some dissectors for a set of UDP based protocols that use the
>> same port
>> number as the source port in one direction, and the destination port in t
Hello,
I'm writing some dissectors for a set of UDP based protocols that use the same
port number
as the source port in one direction, and the destination port in the other
direction. Its
a different protocol going each way.
It seems that I can only call dissector_add_uint with "udp.port", not
Hello,
I am unable to post from my regular email account ( ie not this email
address ). The
wireshark mail server accepts my mail, but it never makes it to the list.
The mailman email commands do not work from either this mail address or my
regular one, so
its hard to say if my mail is
I have an undocumented protocol I'm trying to understand. I'd like to extract a
range of
bytes from from a number of packets to a file so that I can further analyze the
data
outside wireshark.
Is there a way I tell wireshark to write out bytes that match a display filter?
Or how about calling s
> On Tue, Feb 20, 2007 at 01:25:08AM -0600, Andy Howell wrote:
>
>> I've just added support for "tap" and stats_tree in my
>> dissector. I would like to have a stats_tree-like display that
>> includes my own columns. In particular, I want a summary
Hello,
I've just added support for "tap" and stats_tree in my dissector. I
would like to have a stats_tree-like display that includes my own
columns. In particular, I want a summary of the number of bytes sent by
each message type in my protocol.
I can see three options:
1) Modify th
Guy Harris wrote:
> On Feb 15, 2007, at 1:22 PM, Andy Howell wrote:
>
>> Saving setting based on just the file name would not work for me, as I
>> often have files with the same name but different settings. The files
>> end up in different directories.
>
> You prob
Guy Harris wrote:
> One feature that might be useful would be support for a "Wireshark
> settings file" that could be associated with a capture, so that if a
> file named foo.{pcap,cap,...} were opened, Wireshark could look for
> foo.wssettings, or something such as that, and, if it finds, load
Jaap Keuter wrote:
> Hi,
>
> Another way to help yourself, in case this is your own protocol dissector,
> is to make the dissector heuristic. Then you never have to setup the
> "decode as" at all!
>
Jaap,
Thanks. I did that for an internal dissector I wrote long ago.
Unfortunately the
Hello,
I just asked on the user list if there any way to save the "decode as"
settings? It seems there is not. I have pcap files with the same
protocol across many different UDP ports. Its very time consuming to go
through each port one-by-one and set the protocol with the decode-as.
I
10 matches
Mail list logo
