Akos Vandra <axos88@...> writes: > I would like to ask how does the Decode As... functionality work in wireshark? > I have a CAN network, and on top of it there may be different > higher-level protocols, depending on application. > There is no identifier which would say that this belongs to protocol > A, or protocol B. > > I think the best solution would be for the user to say that this > network has proto A or proto B on top of CAN, and then it would pass > the whole traffic to dissector B. > I guess this would be the puprose of the Decode As... option, but how > can I use it from within the CAN dissector code? >
Akos Vandra <axos88@...> writes: > I guess this would be the puprose of the Decode As... option, but how > can I use it from within the CAN dissector code? I think one way would be for the CAN dissector to be modified so it registers a dissector table that proto A, proto B, ... can then add their handle to. For example (warning - untested pseudocode): packet-socketcan.c: proto_register_socketcan() { ... can_dissector_table = register_dissector_table("can_somename", "CAN some_ui_name", FT_SOMETYPE, BASE_SOMEBASE); ... } protoA.c: proto_reg_handoff_protoA() { ... protoA_can_handle = create_dissector_handle(dissect_protoA, proto_protoA); dissector_add_handle("can_somename", protoA_can_handle); ... } Look in the Wirehshark sources at other dissectors for more/better examples. - Chris ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe