Wireshark mailing list archives
Heuristic dissector priority
From: Roland Knall <rknall () gmail com>
Date: Thu, 7 Nov 2013 14:43:42 +0100
Hi I am currently implementing a generic dissector, which takes a predefined script and dissect payload. Pretty much in a way wsgd (wsgd.fr) does, but some features where lacking for me, and the integration into wireshark did not work for me either. One of the features of my solution is the possibility, to call a subdissector as part of the payload (therefore easing the implementation for some protocols like openSAFETY for instance). Currently I am thinking of adding the generic dissector to the heuristic filter lists. But I want to enable this for all possible protocols, and for this it needs to be the first heuristic dissector called. Basically the workflow would look like this: * Heuristic call to generic dissector * Dissector decides if it is allowed to dissect for this packet (method is different from wsgd) * If not, other heuristic dissectors may get a chance Now I have two possibilities: 1. Either rework the register_heuristic_dissector routine to automatically add the generic dissector allways at the first position 2. Rework dissector_try_heuristic and introduce a second list of heuristic dissectors (global, general, ... something like that), that will allways get precedence over list-specific heuristic dissectors. Basically I would favor the second approach, but before I send in a patch, I would like to get the opinion of everyone else. regards Roland ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Heuristic dissector priority Roland Knall (Nov 07)