So why do a plugin? Just write a normal new dissector. Regardless, the doc to read is this: doc/README.dissector

That explains a lot, in detail; and of course you should also look at some existing packet-* files in epan/dissectors. For UDP, packet-stun.c or packet-ntp.c are relatively small ones.

-hadriel

On Mar 12, 2014, at 1:48 AM, Nilesh Nayak <nileshna...@gmail.com> wrote:

> So, basically I want to build a basic Wireshark dissector and try to capture
> the packets using my own customised protocol name.
> Example: I have a protocol of my own, let's name it as "foo" protocol. Now, I
> want to create a dissector for it like packet-<protocolname>.c and
> packet-<protocolname>.h as source header files.
>
> Underlying the protocol, I am capturing UDP packets. But if I set the capture
> filter as "foo", then I should be able to capture "foo" packets.
> Could you please send me some good tutorials over the same?
>
> I have already read the README.developer and README.plugins docs.
>
>
> And yes, I am adding a new protocol dissector in the Wireshark source code
> itself and then building the environment and compiling.
>
> Thanks and Regards,
> Nilesh
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@wireshark.org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe