THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Custom ecpri dissector based on original implementation

Hello,

I need some modification to basic epan/dissectors/packet-ecpri.c implementation so i thought eses way to pull it will be:

do modification in packet-ecpri.c

compile plugins target

Copy lib .so file to current wireshark installation "/usr/lib/x86_64-linux-gnu/wireshark/plugins/4.0/epan" but using nm -D i have checked all libs for "proto_register_ecpri" symbol and it is not there, so in which library this object /build/epan/dissectors/CMakeFiles/dissectors.dir/packet-ecpri.c.o is linked, and where it is located on ubuntu 22.04 installation so i can switch it after compilation or i'm completely wrong and this is not right approach ?

ekstrapolator's avatar
1
ekstrapolator
asked 2024-04-15 08:57:25 +0000
grahamb's avatar
23.8k
grahamb
updated 2024-04-15 09:04:58 +0000
edit flag offensive 0 remove flag close merge delete

Comments

epan/dissectors/packet-ecpri.c is not forgotten commits.
If your "some modification" would benefit others you could open a Enhancement Request.

Before attempting to modify the .so have you gone through the UN*X build process?
Once that is successful and if the change benefits others you could make a merge request 3.9. Make Changes To The Wireshark Sources.

Chuckc's avatar Chuckc (2024-04-15 12:51:27 +0000) edit
more
  • delete

I am curious about the changes you need to make. I made it call the ORAN FH CUS dissector for the message types it handles (discarding my company's eCPRI dissector).

MartinM's avatar MartinM (2024-04-16 22:05:01 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Thanks Chuck I was able to build and install modified wireshark and it works. About my changes it only for debug purpose, i have some custom payload on message type four, and instead manual inspection on raw data i would like to have additional subtree and fields to ease my work.

ekstrapolator's avatar
1
ekstrapolator
answered 2024-04-18 07:48:44 +0000
edit flag offensive 0 remove flag delete link
more

Comments

i would like to have additional subtree and fields to ease my work

It may be easier/quicker with a Lua script. Iterative changes without needing a recompile.
("quicker" depends on time to spin up on Lua language. :-) )

Chuckc's avatar Chuckc (2024-04-18 09:46:06 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer