Re: [Wireshark-dev] How to add one dissector after adding one?

Thu, 01 Jan 2009 16:10:05 -0800 

Hello,

foo2 register :

  dissector_add("foo1.<specific_field_for_subdissector>",
                <value of foo1.<specific_field_for_subdissector> for 
which foo2 must be called>,
                dissector_handle);


foo1 register (before register_dissector) :

  dissector_table = 
register_dissector_table("foo1.<specific_field_for_subdissector>",
                                             "FOO1 
<specific_field_for_subdissector>",
                                              FT_UINT8 or FT_UINT16 or 
..., BASE_DEC);

   register_heur_dissector_list("foo1",
                                &heur_subdissector_list);

foo1 handoff (necessary for decode_udp_ports) :

  data_handle = find_dissector("data");

foo1 dissect :

  Call something "like" (you must make some modifications to match you 
needs) :
  decode_udp_ports(tvb,
                          <offset of data for subdissector>,
                           pinfo,
                           tree,
                           <1st value of <specific_field_for_subdissector>>,
                           <2nd value of <specific_field_for_subdissector>>,
                           <size of data for subdissector>);

Olivier


Siva.S a écrit :
> Hi,
>
>>   
>>>    I have added one dissector (foo1) that comes after UDP. Now, I want
>>> to add another dissector(foo2) that comes after "foo1".
>>>     
>>
>> Do "foo1" packets always include "foo2" packets (if they include any  
>> packet at all)?  Or could they have "foo3" or "foo4" or... packets  
>> instead?
>>
>>   
>     Thank you very much for your reply. Consider "foo1" packets always 
> include "foo2" packets. I'll be happy if u explain me both the cases.
>
> Thanks & Regards,
> Siva.S
> ------------------------------------------------------------------------
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <[email protected]>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:[email protected]?subject=unsubscribe


-- 
Wireshark Generic Dissector http://wsgd.free.fr

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe

Reply via email to