Re: [Wireshark-dev] pinfo->private_data usage

2009-06-25 Thread yin sun
Doesn't it depend on the agreement between the caller that sets up the data and the called dissector that uses the data? If the caller wants to enforce it, that is fine. But I don't see a general rule here. What if the sub-dissector wants to pass back some value? private_data is also the only way

Re: [Wireshark-dev] ip.addr != 10.0.0.1 (Guy Harris)

2008-01-29 Thread yin sun
then the next step could be adding "...!=..." operator back to be equivalent to "!(...)". /sunyin On Jan 29, 2008 3:55 AM, Jaap Keuter <[EMAIL PROTECTED]> wrote: > Hi, > > Well, still not that warm fuzzy feeling about it. I'll give you > something to think about. > > The whole discussion focuses

Re: [Wireshark-dev] Compilation error in asn.1 file

2008-01-03 Thread yin sun
Hi Tarani, If I understand correctly you need to check gsmmap for the implementation. there is opcode variable defined in the template c code there is setting and getting example in gsmmap.cnf /Yin On Jan 3, 2008 5:50 AM, <[EMAIL PROTECTED]> wrote: > > Hi Anders, > > I was able to compile my asn

Re: [Wireshark-dev] Need to dissect gmail

2007-12-29 Thread yin sun
Is this gmail referring to google mail? It is an application on top of HTTP, so you need to capture all the HTTP messages. I don't think wireshark can "dissect gmail packets", they are a bunch of javascript and html. On Dec 29, 2007 8:38 AM, prashanth joshi <[EMAIL PROTECTED]> wrote: > Hi all, > I

Re: [Wireshark-dev] what are the steps needed to add a plugin

2007-11-09 Thread yin sun
If you have many plugins to develop, you can create your own Makefile to do everything you need in one file. The steps can be automated with shell scripts, and they are only necessary if you want to blend in your build into the whole wireshark building process. That means you don't need to build wi

Re: [Wireshark-dev] Windows 2K build problems

2007-09-07 Thread yin sun
my experience is, try the same build command again, it may pass and move further then failed at other place. Then you can try again. I post the problem before in the mailing list, seems nobody has the same problem. I have to think my build environment is not clean or my notebook is too slow (NC8000

Re: [Wireshark-dev] Simple sniffer using wireshark's code

2007-08-29 Thread yin sun
you already got tcp payload, assemble them yourself by port, you got http, ftp and so on. to see how wireshark do this kind of assembling is much harder. /Yin On 8/29/07, José María Polvorosa Amor <[EMAIL PROTECTED]> wrote: > > Hello everybody! > First of all, Apologize for the inconvenience, I k

Re: [Wireshark-dev] Win2000 Error: wireshark.exe is not a valid Win32 application

2007-08-28 Thread yin sun
and seems less problematic than using VC2005EE. I think the "Win32: > Step-by-Step Guide" should state at the top that if you have VC6, use it > instead of 2005EE. > > Thanks and regards, > Greg > > *yin sun <[EMAIL PROTECTED]>* wrote: > > I did th

Re: [Wireshark-dev] Win2000 Error: wireshark.exe is not a valid Win32 application

2007-08-26 Thread yin sun
pplications: > cl: /cygdrive/c/Program Files/Microsoft Visual Studio 8/VC/BIN/cl > link: /cygdrive/c/Program Files/Microsoft Visual Studio > 8/VC/BIN/link > nmake: /cygdrive/c/Program Files/Microsoft Visual Studio > 8/VC/BIN/nmake > bash: /usr/bin/ba

Re: [Wireshark-dev] Win2000 Error: wireshark.exe is not a valid Win32 application

2007-08-23 Thread yin sun
the wiki page suggest you ONLY use nmake/cl/link from VS8 (true name of Visual C++ 2005 Express Edition), but make sure NOT use nmake/cl/link from 2003 server SDK R2 under windows 2000. Hope this will help. /Yin On 8/22/07, Graham Bloice <[EMAIL PROTECTED]> wrote: > > Greg Bell wrote: > > I gues

Re: [Wireshark-dev] Wiki problem

2007-08-17 Thread yin sun
this is the format I found out. [wiki:%23.END #.END] On 8/17/07, Anders Broman (AL/EAB) <[EMAIL PROTECTED]> wrote: > > Hi, > On Ethereal Wiki page corresponding to * > http://wiki.wireshark.org/Asn2wrs?highlight=%28asn2wrs%29*there > ar

Re: [Wireshark-dev] ../../epan/dissectors/packet-per.h:37: error: expected declaration specifiers or '...' before 'asn1_ctx_t'

2007-08-04 Thread yin sun
That doesn't make sense, as 1. the packet-per.h itself uses types defined in asn1.h 2. it will break any dissectors's build that use packet-per before 0.99.6. /Yin On 8/4/07, Stephen Fisher <[EMAIL PROTECTED]> wrote: > > > > On Fri, Jul 27, 2007 at 04:39:57PM -0400, y

[Wireshark-dev] question about TCP flag DESEGMENT_UNTIL_FIN

2007-07-31 Thread yin sun
Hello, I found out that, When a subdissector on top of TCP set if (pinfo->can_desegment) { pinfo->desegment_len = DESEGMENT_UNTIL_FIN; return; } when pinfo->can_desegment is 0 again, subdissector received the whole TCP stream in tvb minus the payload from the FIN packet. Is

Re: [Wireshark-dev] ../../epan/dissectors/packet-per.h:37: error: expected declaration specifiers or '...' before 'asn1_ctx_t'

2007-07-27 Thread yin sun
the epan/dissectors/packet-per.h is missing this #include On 7/27/07, yin sun <[EMAIL PROTECTED]> wrote: > > I am recompiling my plugins from 0.99.5 to 0.99.6 under Suse linux > everything is ok under 0.99.5, 0.99.6 wireshark also compiles, but my > plugin compilat

[Wireshark-dev] ../../epan/dissectors/packet-per.h:37: error: expected declaration specifiers or '...' before 'asn1_ctx_t'

2007-07-27 Thread yin sun
I am recompiling my plugins from 0.99.5 to 0.99.6 under Suse linux everything is ok under 0.99.5, 0.99.6 wireshark also compiles, but my plugin compilation failed gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I/local/scratch/usr/local/include -I/usr/local/include -I/usr/include -DINET6 "-D_U_=__at

[Wireshark-dev] decoding java object stream

2007-07-27 Thread yin sun
Hi, I am making a plugin for Java Serialized object stream. Similar questions occur to me. As the stream doesn't indicate length, so it could run very long inside one tcp stream. I can use conversation to preserve the information across packets. But how do I handle the boundary case. How do I dete

Re: [Wireshark-dev] wireshark-0.99.5 Segmentation fault on displaying packets

2007-06-18 Thread yin sun
the libwiretap should point to /local/scratch/usr/local/lib/libwiretap.so.0 right? How to fix this? Thanks, /Yin On 6/18/07, Jaap Keuter <[EMAIL PROTECTED]> wrote: Hi, Can you run Wireshark in DDD so you can get a backtrace? See http://wiki.wireshark.org/Development/Tips Thanx, Jaap yin

Re: [Wireshark-dev] Error: wireshark.exe is not a valied Win32application

2007-06-18 Thread yin sun
make sure you don't have the problem described below in win2k section, http://wiki.wireshark.org/BuildingAndInstalling /Yin On 6/15/07, Alex Lindberg <[EMAIL PROTECTED]> wrote: I have tried both the current GA release 0.99.5 tarball and the "trunk" svn release called 0.99.6 in config.nmake.

[Wireshark-dev] wireshark-0.99.5 Segmentation fault on displaying packets

2007-06-18 Thread yin sun
Hello, I have compiled wireshark from 0.99.5 source on Suse10 Linux 2.6.16.27-0.9-smp x86. Initial launch is ok, change/save preference is ok, but failed at displaying packet with Segmentation fault. When I tried the same pcap file with tshark, it is OK. So it must be some gui related problem. Ca

Re: [Wireshark-dev] decode many type of messages

2007-06-07 Thread yin sun
Hi Darwin, Usually the type of a data structure should be less, right. As your data below is req1,2,3 I guess they should share similar data type. Anyway, no matter how many data types, they all down to some form of bytes. So if you know what the byte format of type A, B, C, D ... you can easily s

Re: [Wireshark-dev] how to make tcap subdissector in plugin

2007-06-07 Thread yin sun
ngligt meddelande- > Från: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] För yin sun > Skickat: den 5 juni 2007 21:13 > Till: Developer support list for Wireshark > Ämne: Re: [Wireshark-dev] how to make tcap subdissector in plugin > > It is a private opcode to MAP. >

Re: [Wireshark-dev] how to make tcap subdissector in plugin

2007-06-05 Thread yin sun
It is a private opcode to MAP. /Yin On 6/5/07, Anders Broman <[EMAIL PROTECTED]> wrote: > Hi, > Is it a private opcode to MAP or something missing from MAP? > Regards > Anders > > -Ursprungligt meddelande- > Från: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED

[Wireshark-dev] how to make tcap subdissector in plugin

2007-06-05 Thread yin sun
Hello developer, I have made the FooPage example working for plugin. Now I want to have a plugin similar to GSM-MAP but as a plugin. Basically this plugin will provide decoder for new opcode. The problem is, to register under tcap I have to call add_itu_tcap_subdissector as I read from gsmmap code

Re: [Wireshark-dev] difference in plugin and dissector for asngenerated code

2007-06-03 Thread yin sun
le the BER dissector with the -X option > Which is the new preferred way, what errors do you get? > Regards > Anders > > -Ursprungligt meddelande- > Från: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] För yin sun > Skickat: den 3 juni 2007 23:42 > Till: wir

[Wireshark-dev] difference in plugin and dissector for asn generated code

2007-06-03 Thread yin sun
Hello, I am new here. I want to write plugin (not dissector as it is fast to compile and easy to deploy) with asn2wrs generated code. But I notice that some functions are not included in libwireshark (for example dissect_per_enumerated). Can someone tell me why? Also if I generate code with BER en