Re: [Wireshark-dev] Expert Infos are a bit "more official" now!

Yo Chris! I had the same problem and was just wondering why. It seems that "Expert Info" rescans a capture passing no valid tree pointer. "Expert Info Composite" does indeed pass a valid tree pointer!. So in my dissector the EIC makes much more sense. You said that the "old" EI will not be avai

Re: [Wireshark-dev] Wireshark Logo/Icons

My humble opinion: > Making the fin blue is an option though, and the result would look like so: > >http://wayofthemonkey.com/wireshark-blue.png That's better than the other one. >The TM'd image, and the current icon, I think are a bit over-simplified for an application icon/logo on modern oper

Re: [Wireshark-dev] how to add a dissector to an existing installationof wireshark

Hi Michael! It is possible to distribute the plugin. Have a look at http://wiki.wireshark.org/Development/CommonProblems in the last section ;). Have fun! Frank -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Michael Jakobs Gesendet: Dienstag,

[Wireshark-dev] Visual Studio plugin incompatibility?

Does following scenario occur with anybody's installation, too? I am using Visual Studio 8 to compile wireshark and my dissector. Everything works fine, so far. But when I put my dissector dll on another machine, where the original Wireshark (0.99.6) is installed, Wireshark shows strange behaviou

Re: [Wireshark-dev] tvb in a conversation

You can achieve this by defining your own data struct which contains information that you want to pass. You can allocate memory for this using se_alloc or using g_mem_chunk.. Then you attach this struct to the conversation using conversation_add_proto_data and when you want to retrieve this dat

[Wireshark-dev] switched seconds and nsecs in nstime_t

Hi there! In my dissector i display the time delta between request and reply. This works fine on my PC so far. On some others too. But on some machines the values from nstime_t (secs and nsecs) are switched in some cases. In Frame display time delta everything seems ok, but at the point of tim

Re: [Wireshark-dev] GPL license question

Wouldn't it be technically possible (with modifications, of course) to link the code not statically but dynamically? -- Frank -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Phillip Paradis Gesendet: Donnerstag, 12. Juli 2007 00:07 An: Develope

[Wireshark-dev] [patch] adding rval - support to libwireshark.def

I added rval_to_str, match_strrval and match_strrval_idx to libwireshark.def for being available in plugins. I diffed against http://anonsvn.wireshark.org/wireshark/trunk/epan/libwireshark.def from just now. Regards, Frank Stratemeier --- libwireshark.def2007-06-25 09:15:14.365409400 +02

[Wireshark-dev] linking error for rval_to_str function

Hi Community, when I try to use the rval_to_str function in my plugin (build for wireshark version 0.99.5 with MSVC 2005) nmake returns the following message: packet-jetip.obj : error LNK2019: unresolved external symbol _rval_to_str referenced in function _dissect_reply Nevertheless, calls to va

[Wireshark-dev] Get packet data from previous packet

Hi there! I am developing a dissector for a PLC communication protocol which is transported via tcp or udp. For correct interpretation it is necessary to know the question to a reply, i.e. i need to access the data from one of the previous packets. Is there some mechanism that i can use? find