Re: Dissecting a portion of a protocol owned byanotherdissector

["Maynard, Chris" <Christopher.Maynard () GTECH COM>]

Which field of which dissector are you interested in?  If you're lucky, it might already be available to your plugin in 
the packet_info struct.

- Chris

-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Jeremy O'Brien
Sent: Tuesday, February 23, 2010 2:50 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Dissecting a portion of a protocol owned byanotherdissector

Hmm... I was trying to avoid touching any existing dissectors to allow
my plugin to be as modular as possible. There's no other (easy) way?

On Tue, Feb 23, 2010 at 14:11, Anders Broman <a.broman () telia com> wrote:
> Hi,
> Not easily, but if you are doing something reasonably like dissecting
> Vendor specific fields a patch to the existing dissector providing a "hook"
> For a plugin would be acceptable, like registering a dissector table a
> Custom plugin could register in.
>
> Regards
> Anders
> -----Ursprungligt meddelande-----
> Från: wireshark-dev-bounces () wireshark org
> [mailto:wireshark-dev-bounces () wireshark org] För Jeremy O'Brien
> Skickat: den 23 februari 2010 19:02
> Till: Developer support list for Wireshark
> Ämne: [Wireshark-dev] Dissecting a portion of a protocol owned by
> anotherdissector
>
> Hello,
>
> I am trying to write a wireshark plugin that dissects only a certain
> field of another dissector. I read about writing tap dissectors, but
> these seem to still receive entire packets rather than just the
> portion I'm interested in. I am trying to avoid copying large chunks
> of the main dissector just to get down to the area my dissector is
> interested in. Does wireshark provide a way to do this?
>
> Thank you,
> Jeremy
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and 
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe