Wireshark mailing list archives
Re: Chained CAN dissecector: Can not get reference for CAN dissector
From: Michael Mann <mmann78 () netscape net>
Date: Tue, 15 Dec 2015 06:53:54 -0500
The CAN ID is passed as the "data" parameter to the subdissector from the CAN dissector. The C code of a subdissector to handle it would be as follows: struct can_identifier { guint32 id; }; static int subdissector_function(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) { struct can_identifier can_id; can_id = *((struct can_identifier*)data); if (can_id.id != 42) { return 0; } ... } I'm not as familiar with Lua to know how to setup the equivalent, but you shouldn't need to "override" the CAN dissector to get the CAN ID. -----Original Message----- From: Sebastian Schildt <sebastian () frozenlight de> To: wireshark-dev <wireshark-dev () wireshark org> Sent: Tue, Dec 15, 2015 5:37 am Subject: [Wireshark-dev] Chained CAN dissecector: Can not get reference for CAN dissector Hello Wiresharkers, I have a problem (obviously :) ) . I want to create a CAN dissector (in Lua). What I already achieved is creating a Can subdissector: So my dissector gets called for CAN payload. However, I need access to the CAN identfier, so I figured my dissector needs to be on the same "level" as the CAN dissector (right?) Therefore I tried to use the "chained dissector" pattern, where my dissector would call the CAN dissector and then does some further processing. For this my dissector must call the CAN dissector, but I do not know how to get a reference to it. I tried original_can_dissector = Dissector.get("CAN") or original_can_dissector = Dissector.get("can") that did not work, then I used lua to print for key,value in pairs(Dissector.list()) do print(key,value) end but I did not find any reference to CAN. Is the CAN dissector hidden in some DissectorTable? But then which one? I couldn't find it. The relevant lines in the C code seem to be proto_can = proto_register_protocol( "Controller Area Network", /* name */ "CAN", /* short name */ "can" /* abbrev */ ); And dissector_handle_t can_handle; can_handle = create_dissector_handle(dissect_socketcan, proto_can); dissector_add_uint("wtap_encap", WTAP_ENCAP_SOCKETCAN, can_handle); dissector_add_uint("sll.ltype", LINUX_SLL_P_CAN, can_handle); but I am not very familiar with Wireshark source, so I am guestimating here. Also, after solving the problem of getting a reference to the original CAN dissector I guess I need to replicate the add_uint calls in Lua to register my own dissector. If anyone has the correct syntax up his sleeve I'd also appreciate it :) Thanks Sebastian ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Chained CAN dissecector: Can not get reference for CAN dissector Sebastian Schildt (Dec 15)
- Re: Chained CAN dissecector: Can not get reference for CAN dissector Pascal Quantin (Dec 15)
- Re: Chained CAN dissecector: Can not get reference for CAN dissector Sebastian Schildt (Dec 21)
- Re: Chained CAN dissecector: Can not get reference for CAN dissector Michael Mann (Dec 15)
- Re: Chained CAN dissecector: Can not get reference for CAN dissector Sebastian Schildt (Dec 15)
- Re: Chained CAN dissecector: Can not get reference for CAN dissector Pascal Quantin (Dec 15)