Wireshark mailing list archives
Understanding 802.15.4 (WPAN) dissection
From: Eduard GV <eduardgv () gmail com>
Date: Tue, 18 May 2010 11:13:55 +0200
Hi all, I first tried the users mailing list to see if I could avoid touching code (I'm not a programmer!), but I got no response: http://seclists.org/wireshark/2010/May/112 THE SCENARIO: Wireshark receives wpan (802.15.4) frames from an Exegin Q51 probe. These frames are wrapped in ZEP UDP datagrams THE PROBLEM: IP --> UDP --> ZEP and 802.15.4 headers are decoded properly, but the 802.15.4 payload is always decoded as ZigBee even though there is no zigbee at all I tried looking into packet-ieee802154.c, packet-zbee-nwk.c, packet-6lowpan.c, etc. and I suspect that the key is heur_dissector_add(), used to register "post-wpan" dissectors. Where is this function? In order to avoid this behavior, Would be enough to simply call call_dissector(data_handle, payload_tvb, pinfo, tree); when trying to dissect the 802.15.4 payload, be enough? Thanks! ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Understanding 802.15.4 (WPAN) dissection Eduard GV (May 18)