Ok, thanks for your advice. I´ll try to realize it with the dissector_try_heuristic method. I hope, it isn´t too much work... Chris
----- Ursprüngliche Mail ---- Von: Abhik Sarkar <[EMAIL PROTECTED]> An: Developer support list for Wireshark <wireshark-dev@wireshark.org> Gesendet: Mittwoch, den 30. Juli 2008, 21:50:42 Uhr Betreff: Re: [Wireshark-dev] Generic call_dissector() Building on Chris' idea... based on the assumption that your protocol has a field to say what the payload is (called payload_tag e.g.), you will still have to determine what the payload protocol (as Chris suggested) is but to keep things generic, you could register a preference which has a syntax of something like this: payload_tag:payload_proto;payload_tag:payload_proto;... e.g. 1:ip;2:ppp;3:tcp; That way, you can add support for new protocols without having to re-write any code. The only gotcha is that the dissectors for all the payload protocols must have registered themselves with names (and recently a fair number have been found not to and corrected). HTH Abhik. On Wed, Jul 30, 2008 at 5:41 PM, Maynard, Chris <[EMAIL PROTECTED]> wrote: > You may be able to get away with calling the lowest common denominator > dissector and letting it naturally take care of handing off dissection to the > next protocol, whatever it is. If there is no common denominator, one > possible way to do it would be to have all possible protocol dissectors that > could appear in your payload register themselves as heuristic dissectors to > your dissector, then you would only need to make a single call to > dissector_try_heuristic(). But that would require changes to a lot of core > protocols, potentially, namely ip, ppp, etc., so I'm not so sure that it's > the best solution overall. I don't know, perhaps the best solution is simply > for you to determine the protocol yourself and hand off to the appropriate > dissector. Maybe someone else has some thoughts on this or ideas on how else > it could be done. > > - Chris > >> -----Original Message----- >> From: [EMAIL PROTECTED] [mailto:wireshark-dev- >> [EMAIL PROTECTED] On Behalf Of Hans Glück >> Sent: Wednesday, July 30, 2008 4:41 AM >> To: wireshark-dev@wireshark.org >> Subject: [Wireshark-dev] Generic call_dissector() >> >> Hello, >> >> I am writing a dissector and in the >> payload of my packets are different types of data/information (PPP, >> TCP,...) and maybe some more I don´t know. I wonder if I can call WS to >> dissect this payload without defining a special handle? >> => call_dissector(...) - therefor I have to define a ppp or ip handle >> >> Is there a possibility to make a generic >> dissector call? Or can the user define the payload by clicking on a >> packet and "Export as ... IP"? >> >> >> Regards, >> Chris >> >> >> __________________________________________________________ >> Gesendet von Yahoo! Mail. >> Dem pfiffigeren Posteingang. >> http://de.overview.mail.yahoo.com >> _______________________________________________ >> Wireshark-dev mailing list >> Wireshark-dev@wireshark.org >> https://wireshark.org/mailman/listinfo/wireshark-dev > "CONFIDENTIALITY NOTICE: The contents of this email are confidential and for > the exclusive use of the intended recipient. If you receive this email in > error, please delete it from your system immediately and notify us either by > email, telephone or fax. You should not copy, forward, or otherwise disclose > the content of the email." > > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > https://wireshark.org/mailman/listinfo/wireshark-dev > _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev __________________________________________________ Do You Yahoo!? Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen Massenmails. http://mail.yahoo.com _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
