Ethereal: Re: [Ethereal-dev] How can I dissect the packet deep than ether layer

Ethereal-dev: December 2004

Subject: Re: [Ethereal-dev] How can I dissect the packet deep than ether layer
From: Guy Harris <gharris@xxxxxxxxx>
Date: Sun, 05 Dec 2004 05:46:53 -0800

Flier Lu wrote:

hi!

I wrote some python wrapper module for libethereal to extend
PyWireTap, it can dissect packet now, but I can only got ether layer
dissection result like this:


That's not even Ethernet layer.

I have called epan_init, read_prefs, prefs_apply_all, init_dissection
functions in orders, and can got fully protocol/field tree with
proto_get_first_protocol/proto_get_next_protocol functions, what's
else I need ?

You presumably called "epan_dissect_new()" to create an "epan_dissect_t", and called "epan_dissect_run()" to dissect the packet, right?

If not, you should.

If so, did you fill in *all* the members of the "frame_data" structure you passed to "epan_dissect_run()", including filling in "fdata->lnk_t" with the "pkt_encap" value in the "wtap_pkthdr" structure you got from Wiretap? If not, you should.

References:
- [Ethereal-dev] How can I dissect the packet deep than ether layer
  - From: Flier Lu

Prev by Date: [Ethereal-dev] How can I dissect the packet deep than ether layer
Next by Date: Re: [Ethereal-dev] [PATCH] packet-dcerpc.c: clamp to tvb length and display multiple lines
Previous by thread: [Ethereal-dev] How can I dissect the packet deep than ether layer
Next by thread: [Ethereal-dev] Development on Visual C++ 6
Index(es):
- Date
- Thread