[Wireshark-dev] Implementing my own dissector that uses SSL for authentication and encryption.

2014-02-19 Thread Abhinav Kumar
Hi, I have to write a dissector for a proprietary protocol. The protocol uses SSL and thus runs on top of TCP. The port is decided by the client. I have 2 questions: 1. Do I need to write a Heuristic Dissector? 2. How do I handle the encrypted data? Any suggestion please. Abhinav Kumar

[Wireshark-dev] query regarding register of protocol

2014-02-19 Thread Rahul Rohit
Hi, If I have two protocols A and B, is it possible to register the handle of protocol B in the protocol table of A and to register the handle of protocol A in the Protocol table of B at the same time. Regards Rahul Rohit

Re: [Wireshark-dev] query regarding register of protocol

2014-02-19 Thread Evan Huus
On Wed, Feb 19, 2014 at 9:37 AM, Rahul Rohit wrote: > Hi, > > If I have two protocols A and B, is it possible to register the handle of > protocol B in the protocol table of A and to register the handle of protocol > A in the > > Protocol table of B at the same time. Absolutely. Just create the

[Wireshark-dev] What clang analyzer version do the auto-bots use?

2014-02-19 Thread Hadriel Kaplan
Howdy, Does anyone know what clang static analyzer checker-XXX version is used by the bots, for example for this: http://www.wireshark.org/download/automated/analysis/scan-build-2014-02-18-1/ I ask because I'm trying to clean up some of the ones in wslua, and I don't get the same errors when usin

Re: [Wireshark-dev] What clang analyzer version do the auto-bots use?

2014-02-19 Thread Alexis La Goutte
On Wednesday, 19 February 2014, Hadriel Kaplan wrote: > Howdy, > Does anyone know what clang static analyzer checker-XXX version is used by > the bots, for example for this: > > http://www.wireshark.org/download/automated/analysis/scan-build-2014-02-18-1/ > > I ask because I'm trying to clean up s

[Wireshark-dev] displaying header field without filtering capability

2014-02-19 Thread John Dill
I'm trying to add a header field for spare bytes in a custom dissector. Currently, I'm creating a header field for a 'Spare' data element in a 'Status' message, as shown in the example below: \code snippet { &hf_Spare, { "Spare", "msg.Status.Spare", FT_UINT8, BASE_HEX, N

Re: [Wireshark-dev] displaying header field without filtering capability

2014-02-19 Thread Evan Huus
You could use proto_tree_add_text but that is strongly recommended against. Why do you want to explicitly disallow filtering? If the field is reserved and not important you could just not add any item at all, and skip that byte entirely... On Wed, Feb 19, 2014 at 4:17 PM, John Dill wrote: > > I'm

Re: [Wireshark-dev] displaying header field without filtering

2014-02-19 Thread John Dill
>Message: 6 > Date: Wed, 19 Feb 2014 17:24:11 -0500 > From: Evan Huus > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] displaying header field without filtering > capability > Message-ID: > > > Content-Type: text/plain; charset=ISO-8859-1 > > You could u

Re: [Wireshark-dev] displaying header field without filtering

2014-02-19 Thread Evan Huus
On Wed, Feb 19, 2014 at 5:57 PM, John Dill wrote: >>Message: 6 >> Date: Wed, 19 Feb 2014 17:24:11 -0500 >> From: Evan Huus >> To: Developer support list for Wireshark >> Subject: Re: [Wireshark-dev] displaying header field without filtering >> capability >> Message-ID: >> >> >>

Re: [Wireshark-dev] displaying header field without filtering

2014-02-19 Thread Guy Harris
On Feb 19, 2014, at 4:03 PM, Evan Huus wrote: > It was at one point (long ago before wireshark had filtering) the > default API, so it is in a lot of old code. People often use it by > mistake when they *want* filterable items. It's also not quite as > abstract, since the data must be fetched se

Re: [Wireshark-dev] What clang analyzer version do the auto-bots use?

2014-02-19 Thread Gerald Combs
On 2/19/14 12:55 PM, Alexis La Goutte wrote: > > > On Wednesday, 19 February 2014, Hadriel Kaplan > wrote: > > Howdy, > Does anyone know what clang static analyzer checker-XXX version is > used by the bots, for example for this: > > http://www.