Yang Ning wrote: > hi > > I'm trying to add a field for UDP data payload. So that I can use the strings > to search for some information. > (Like for example, I can do udp.length==12345, > I want to add a payload field so that I can do something like "udp.payload > contain something") > > where abouts does the code for udp dissection situated?
Even simpler: How about something like this for a filter ?? (I think this will work) udp && (data contains ...) (I'm not sure but you might have to disable any protocols which ride on UDP if you always want to search the complete UDP payload). ----- If you really want to get into the code, see the Developers Guide http://www.wireshark.org/docs/wsdg_html_chunked/ as to how to download the source & build Wireshark. The UDP dissector code is in epan/dissectors/packet-udp.c in the downloaded source. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
