Craig Bumpstead wrote:
> Hi,
>
> I am trying to write a dissector for a proprietary protocol. This protocol
> can use 4 static TCP ports.
> Thanks to the Wireshark tutorial I have gotten the dissector to work, but
> only with one static TCP port.
>
> I have tried:
> dissector_add("tcp.port", 21016, myproto_handle);
> dissector_add("tcp.port", 4435, myproto_handle);
> ....
> .....
>
> without any luck, it just decodes the first 2 packets then will only decode
> packets with TCP port 21016.
>
I would have expected that the above would result in your dissector code
being called for any TCP packet which has either of the ports as a
source or destination.
I'm not sure what you mean by "it just decodes the first 2 packets ...".
Do you mean that it does decode 2 packets with a tcp port of 4435 ?
If so, my guess is that there's something in your dissector code which
is clobbering something somehow.
Also: make sure you have the tcp protocol option "Try Heuristic
sub-dissectors first" set to off.
[Edit ! Preferences ! Protocols ! TCP]
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <[email protected]>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:[email protected]?subject=unsubscribe
