Wireshark mailing list archives
Re: "Decode As" - adding payload decoding for the FLIP protocol
From: Anders Broman <anders.broman () ericsson com>
Date: Thu, 19 Aug 2010 10:00:52 +0200
-----Original Message----- From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Guy Harris Sent: den 19 augusti 2010 09:51 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] "Decode As" - adding payload decoding for the FLIP protocol On Aug 19, 2010, at 12:25 AM, Juha Siltanen wrote:
The FLIP protocol (implemented in packet-flip.c) works on top of Ethernet, having type 0x8901 and adding itsown headers plus payload. The FLIP headers contain no indication of the payload type and it cannot be deduced from the contents of the capture either. I would like to give the user an option to decode the payload to the protocol of his choosing by using "Decode As". The problem is that right-clicking and choosing "Decode As" only >gives link-level protocols, and I would like to decode the payload using transport-level protocols (for example >RTP). Unfortunately, the "Decode As" mechanism is not a general mechanism usable for all protocol handoffs. For one thing, it's oriented towards protocols that have some field that could be used as a protocol selector; as FLIP has no such field (as per "The FLIP headers contain no indication of the payload type"), it's not appropriate for this case. (I.e., "Decode As" means "decode XXX as YYY", where XXX is a particular value for a particular protocol field, but there's no XXX available in this case.) Currently, the best way to handle this is probably to have a preference for FLIP that specifies the payload protocol; that preference would be an enum preference, listing the possible protocols. The dissectors for the protocols in question would 1) have to *NOT* assume that they're running atop, for example, a transport-layer protocol such as TCP or UDP running in turn over IP (for example, they can't assume that a network-layer address is available) and 2) be registered with a name, so that the FLIP dissector can fetch a handle for them.
For the user DLT I think it is possible to specify the handoff protocol by name in the UAT table. The caveat is of course that the handoff protocol has to be registered by name. It should be possible to do something simmilar here. Regards Anders ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- "Decode As" - adding payload decoding for the FLIP protocol Juha Siltanen (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Anders Broman (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 20)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Juha Siltanen (Aug 24)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Anders Broman (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 19)