Wireshark mailing list archives
Re: "Decode As" - adding payload decoding for the FLIP protocol
From: Guy Harris <guy () alum mit edu>
Date: Fri, 20 Aug 2010 18:50:45 -0700
On Aug 19, 2010, at 1:00 AM, Anders Broman wrote:
Currently, the best way to handle this is probably to have a preference for FLIP that specifies the payload protocol; that preference would be an enum preference, listing the possible protocols. The dissectors for the protocols in question would 1) have to *NOT* assume that they're running atop, for example, a transport-layer protocol such as TCP or UDP running in turn over IP (for example, they can't assume that a network-layer address is available) and 2) be registered with a name, so that the FLIP dissector can fetch a handle for them.For the user DLT I think it is possible to specify the handoff protocol by name in the UAT table. The caveat is of course that the handoff protocol has to be registered by name.
Exactly - "The dissectors for the protocols in question would ... [have to be] be registered with a name, so that the FLIP dissector can fetch a handle for them." However, this is different from the user DLT, where you have a mapping between user DLT values and dissectors; in this case, there's no protocol type field from which to map, so the "map" has only one row and one column in it, meaning it has only one value in it, namely the dissector to use. (As for item 1), that also applies in the user DLT case - a dissector that fails if, for example, it can't find a source or destination IP address for the packet, as supplied by the dissector calling it, isn't going to work very well as a user DLT dissector, as there's no IP dissector above it in the stack, just as it won't work well as a FLIP payload dissector.) ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- "Decode As" - adding payload decoding for the FLIP protocol Juha Siltanen (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Anders Broman (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 20)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Juha Siltanen (Aug 24)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Anders Broman (Aug 19)
- Re: "Decode As" - adding payload decoding for the FLIP protocol Guy Harris (Aug 19)