First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How can i create own errors in wireshark dissector

Hello together,

im working on my own dissector in c and i want to generate/create error messages like timeout or outofrange or something like that. I would like to give the frames which i find these created errors some colors depending on the error. Is there a common solution maybe? Would be enough if you can give me the number where i can find something of the README.dissector, because i'm still a beginner and want to learn more about devoloping my own dissector.

Thanks in advantage

Robin

Robin26689's avatar
13
Robin26689
asked 2021-01-14 09:52:54 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

The Wireshark support for this concept is called Expert Info:

The general idea behind the following "Expert Infos" is to have a better display of "uncommon" or "notable" network behaviour. This way, both novice and expert users will hopefully find probable network problems a lot faster, compared to scanning the packet list "manually".

grahamb's avatar
23.8k
grahamb
answered 2021-01-14 11:10:37 +0000, updated 2021-02-03 14:46:31 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Nice, thank you very much, will look it up right now!

Robin26689's avatar Robin26689 (2021-01-14 11:12:27 +0000) edit
more
  • delete

Unfortunately not documented in the usual places that I could see. Commits to fix this are welcomed.

grahamb's avatar grahamb (2021-01-14 11:53:57 +0000) edit
more
  • delete

@grahmb if i click your link i'm just forwareded to gitlab. Did you mean i should look into the expert.h file? I haven't had time to look for the expert infos but now i want. I am trying to add an expert info to proto_tree_add_checksum()...i dont know where to start or where to find information. I already use the function and it works fine but it would be nice to have some expert information too. Hope you can help.

Thanks

Robin26689's avatar Robin26689 (2021-02-03 14:24:22 +0000) edit
more
  • delete

@Robin26689, Oops, I think I meant to link to the Developers Guide. I've updated the link.

grahamb's avatar grahamb (2021-02-03 14:46:12 +0000) edit
more
  • delete

I did mean to link to the Wiki but for reasons unknown that page has not transferred from the old wiki to the new Gitlab one. For historical purposes a link to the old wiki page is here.

grahamb's avatar grahamb (2021-02-03 14:49:29 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer