Wireshark - 0.99.7 Guide de l'utilisateur Page 115
- Page / 147
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
9.2. Adding a basic dissector
Let's step through adding a basic dissector. We'll start with the made up "foo" protocol. It consists of
the following basic items.
• A packet type - 8 bits, possible values: 1 - initialisation, 2 - terminate, 3 - data.
• A set of flags stored in 8 bits, 0x01 - start packet, 0x02 - end packet, 0x04 - priority packet.
• A sequence number - 16 bits.
• An IP address.
9.2.1. Setting up the dissector
The first decision you need to make is if this dissector will be a built-in dissector, included in the
main program, or a plugin.
Plugins are the easiest to write initially, so let's start with that. With a little care, the plugin can be
made to run as a built-in easily too - so we haven't lost anything.
Example 9.1. Dissector Initialisation.
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <epan/packet.h>
#include <epan/prefs.h>
/* forward reference */
void proto_register_foo();
void proto_reg_handoff_foo();
void dissect_foo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
static int proto_foo = -1;
static int global_foo_port = 1234;
static dissector_handle_t foo_handle;
void
proto_register_foo(void)
{
if (proto_foo == -1) {
proto_foo = proto_register_protocol (
"FOO Protocol", /* name */
"FOO", /* short name */
"foo" /* abbrev */
);
}
}
Let's go through this a bit at a time. First we have some boiler plate include files. These will be
pretty constant to start with. Here we also pre-declare some functions that we'll be writing shortly.
Next we have an int that is initialised to -1 that records our protocol. This will get updated when we
register this dissector with the main program. We can use this as a handy way to detect if we've been
initialised yet. It's good practice to make all variables and functions that aren't exported static to
keep name space pollution down. Normally this isn't a problem unless your dissector gets so big it
has to span multiple files.
Then a module variable which contains the UDP port that we'll assume we are dissecting traffic for.
Packet dissection
101
- 24295 for Wireshark 0.99.7 1
- Table of Contents 4
- 1. Foreword 8
- 3. Acknowledgements 10
- 4. About this document 11
- Part I. Wireshark Build 15
- Environment 15
- Chapter 1. Introduction 16
- 1.2. What is Wireshark? 17
- 1.3.1. Unix 18
- 1.3.2. Linux 18
- 1.3.3. Microsoft Windows 19
- Wireshark 20
- 1.5.1. Binary distributions 22
- 1.6.1. Advantages 23
- 1.7.1. Website 24
- 1.7.2. Wiki 24
- 1.7.3. FAQ 24
- 1.7.4. Other sources 24
- 1.7.5. Mailing Lists 24
- 1.7.7. Reporting Problems 25
- Don't send large files! 26
- Chapter 2. Quick Setup 28
- 2.2.2. Install Cygwin 29
- 2.2.3. Install Python 30
- 2.2.6. Prepare cmd.exe 31
- 2.2.7. Verify installed tools 31
- 2.2.8. Install Libraries 32
- 2.2.9. Distclean Sources 32
- 2.2.10. Build Wireshark 32
- Quick Setup 34
- 3.1. Introduction 35
- 3.3.3. Buildbot Snapshots 38
- 3.3.4. Released sources 39
- 3.4.2. ... from zip files 40
- 3.5. Build Wireshark 41
- 3.6. Run generated Wireshark 43
- 3.7.1. Win32 native 44
- 3.9. Contribute your changes 46
- 3.9.2. Generate a patch 47
- 3.9.4. Code Requirements 48
- 3.10.1. Using patch 51
- 3.10.2. CVS diff (obsolete) 51
- 3.12. Binary packaging 54
- Chapter 4. Tool Reference 57
- 4.2. Win32: Cygwin 58
- Win32: Warn! 59
- 4.3.4. make (GNU Make) 60
- 4.4.3. cl.exe (C Compiler) 64
- 4.4.4. nmake.exe (Make) 65
- 4.4.5. link.exe (Linker) 65
- 4.4.7. Windows (Platform) SDK 67
- 4.4.8. HTML Help 67
- 4.4.9. Debugger 68
- 4.5. bash 69
- 4.6. python 70
- 4.7. perl 71
- 4.8. sed 72
- 4.9. yacc (bison) 73
- 4.10. flex 74
- 4.11.2. Win32 native: svn 75
- 4.13. diff (optional) 77
- 4.14. patch (optional) 78
- 4.17. Win32: NSIS (optional) 81
- Tool Reference 82
- Chapter 5. Library Reference 83
- 5.2. Binary library formats 84
- 5.3.1. Initial download 85
- 5.4.1. Unix 87
- 5.4.2. Win32 MSVC 87
- 5.5. Net-SNMP (optional) 88
- 5.6. GNU adns (optional) 89
- 5.7. PCRE (optional) 90
- 5.8. zlib (optional) 91
- 5.9.1. Unix: libpcap 92
- 5.9.2. Win32 MSVC: WinPcap 92
- 5.10. GnuTLS (optional) 93
- 5.11. Gcrypt (optional) 94
- 5.12. Kerberos (optional) 95
- 5.13. LUA (optional) 96
- 5.14. PortAudio (optional) 97
- Library Reference 99
- (incomplete) 100
- 6.1. Introduction 101
- 6.2. Overview 102
- 6.3. Capturing packets 104
- 6.4. Capture Files 105
- 6.5. Dissect packets 106
- How Wireshark Works 107
- Chapter 7. Introduction 108
- 7.2. Coding styleguides 109
- 7.3. The GLib library 110
- Introduction 111
- Chapter 8. Packet capturing 112
- Packet capturing 113
- Chapter 9. Packet dissection 114
- 9.2. Adding a basic dissector 115
- Example 9.3. Dissection 116
- Packet dissection 122
- 9.5. How to tap protocols 129
- 9.7. How to use conversations 132
- Chapter 10. User Interface 134
- 10.2. The GTK library 135
- #if GTK_MAJOR_VERSION >= 2 136
- 10.3. GUI Reference documents 138
- User Interface 139
- 10.5. Widget naming 140
© 2020, manymanuals.fr. Tous droits réservés | 0.205 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels