Hi again,
Does anyone have any other ideas here? To put it short, I have written a
plugin dissector for a custom protocol which works fine in Wireshark, but
as a next step I want the rest of the packet data to be decoded by a higher
layer protocol dissector of Wireshark (e.g. TCP or UDP, depending on a field
value of the custom protocol). Can you please guide me as to what steps I
should take into account to get this task done?
Additional Info:
Platform being used is Ubuntu
Programming Language is C or C++
I am counting a lot on anyone's help. So please help me here.
Thanks and Regards,
Hammad Kabir
On Sun, Aug 12, 2012 at 2:57 PM, Martin Kaiser <[email protected]> wrote:
> Hi Hammad,
>
> Thus wrote hammad kabir ([email protected]):
>
> > I have recently implemented a Wireshark dissector of a relatively
> > simple protocol (let's call the protocol COOL) for a project of
> > mine. This dissector gets the data from the IP layer and then parses it
> > according to the protocol definition of the COOL protocol (so far it's
> > good). But the next step involves passing the data from the COOL protocol
> > (which is a plugin dissector in my case) to the TCP protocol for further
> > dissection of the packet. However, I am having a difficult time in
> > getting this (latter) task done.
>
> A while ago, I added dissection of DVB-CI messages that contain a tcp or
> udp part. Have a look at epan/dissectors/packet-dvbci.c. When the
> connection is opened, I call store_lsc_msg_dissector() and try to find
> the matching dissector for the selected tcp (or udp) port.
> Later in dissect_dvbci_payload_lsc(), case
> T_COMMS_SEND_LAST..., I call the tcp dissector using call_dissector()
> and pass the message tvb as a parameter.
>
> Is this similar to your task?
>
> Regards,
>
> Martin
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <[email protected]>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:[email protected]?subject=unsubscribe
>
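
The handoff described in the quoted reply, as an added example written as a Wireshark Lua script so it loads without a plugin build; it is not code from this thread or from packet-dvbci.c. The COOL header layout, the selector values 6 and 17, and the use of IP protocol number 253 are assumptions made for illustration. In a C dissector the corresponding calls are find_dissector(), tvb_new_subset_remaining() and call_dissector().

```lua
-- Added example. Hypothetical COOL header layout (not from the thread):
--   byte 0     version
--   byte 1     next-protocol selector (assumed: 6 = TCP, 17 = UDP)
--   bytes 2-3  payload length, big-endian
local cool = Proto("cool", "COOL Protocol (example)")

local f_version = ProtoField.uint8("cool.version", "Version", base.DEC)
local f_next    = ProtoField.uint8("cool.next", "Next protocol", base.DEC)
local f_length  = ProtoField.uint16("cool.length", "Payload length", base.DEC)
cool.fields = { f_version, f_next, f_length }

local HEADER_LEN = 4

-- Look the dissector handles up once at load time, not per packet.
local handoff = {
    [6]  = Dissector.get("tcp"),
    [17] = Dissector.get("udp"),
}
local data_dissector = Dissector.get("data")

function cool.dissector(tvb, pinfo, tree)
    -- Captured bytes are untrusted input: reject a truncated header
    -- instead of reading past the end of the buffer.
    if tvb:len() < HEADER_LEN then
        return 0
    end

    pinfo.cols.protocol = "COOL"
    local subtree = tree:add(cool, tvb(0, HEADER_LEN))
    subtree:add(f_version, tvb(0, 1))
    subtree:add(f_next,    tvb(1, 1))
    subtree:add(f_length,  tvb(2, 2))

    -- Header only, nothing left to hand off.
    if tvb:len() == HEADER_LEN then
        return HEADER_LEN
    end

    -- New tvb that starts right after the COOL header.
    local payload = tvb(HEADER_LEN):tvb()
    -- Unknown selector values fall back to the generic data dissector.
    local next_dissector = handoff[tvb(1, 1):uint()] or data_dissector
    next_dissector:call(payload, pinfo, tree)
    return tvb:len()
end

-- Assumed registration: COOL carried directly over IP on experimental protocol number 253.
DissectorTable.get("ip.proto"):add(253, cool)
```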