Hi Wireshark developers,
I am a developer for FreeRDP <http://www.freerdp.com>, a free remote desktop protocol client. I started writing a dissector for the RDP protocol as there is currently none and such a tool would be immensely useful for the development of my program. There's something I have a problem with: RDP is made out of multiple protocols, with some of them already being implemented in Wireshark. One of them is T.125 (MCS). I tried using find_dissector("t125") and then call it on the RDP payload, and it works to some extent. The problem with that is that I need a way to know if 1) dissection has been successful with the T.125 dissector and 2) a way to dissect the "userData" field if it is present, after the T.125 dissector has been called, as it contains a payload defined in the RDP protocol. How should I get the offset of this userData field dissected by the MCS dissector, so that I can dissect it? I find that most of the Wireshark API is useful when you are "forward" dissecting, but not when you want to interpret the results from a previous dissection, unless I am mistaken. Any help is appreciated, thanks.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
