Wireshark mailing list archives

Re: Passing further information between dissections


From: Alan Bowman <alan.michael.bowman () gmail com>
Date: Mon, 26 Jul 2010 13:13:44 +0100

Perfect, that's exactly what I was after.  Thanks very much.

Alan

On 26 July 2010 09:07, Tarjei Knapstad <tarjei.knapstad () gmail com> wrote:
On 23 July 2010 13:49, Alan Bowman <alan.michael.bowman () gmail com> wrote:
I have written two dissectors for some protocols I am using, one of
which is wrapped inside the other.  Protocol B is used if a particular
byte (A6, below) in protocol A is a particular value.  I have
registered A using register_dissector_table().  I can create a subset
tvb and use dissector_try_port() to get protocol B dissector to be
called and to have the data (B0..BN) passed to it.  However, B's
dissection also depends on knowing whether A was sent as a broadcast
packet or as a direct response to a request, which is stored in A's
header (A2).  (Not my design!).  Can anyone suggest how I should pass
this information to B?  Should I tack it onto the start of the tvb as
a composite buffer, or is there some way of attaching metadata to it?
Is there a similar protocol I should look at?

A0 A1 A2 A3 A4 A5 A6 B0 B1 B2 ... BN

Thanks in advance


Alan,

I think this is usually achieved by passing the data along in the
packet_info->private_data field. In your case I guess it would suffice
to just pass along a boolean. Hopefully someone will correct me if I'm
wrong here, but I think the standard procedure is along these lines:

 void* saved_private_data = pinfo->private_data;
 gboolean isBroadcastPacket = check_if_broadcast_packet(/*...*/);
 pinfo->private_data = &isBroadcastPacket;
 dissector_try_port(/*...*/);
 pinfo->private_data = saved_private_data;

Regards,
Tarjei
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
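
The save/set/restore pattern from the quoted reply, as an added example that is not part of the original thread or of Wireshark's code. It models packet_info with a one-field stand-in struct rather than the Wireshark headers; the header length, the A2/A6 values, the return codes and run_case() are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>

/* Stand-in for Wireshark's packet_info: only the field discussed in the thread. */
typedef struct { void *private_data; } packet_info;

enum { A_NOT_B = -2, B_NO_CONTEXT = -1, B_DIRECT = 0, B_BROADCAST = 1 };
enum { A_HDR_LEN = 7, A2_BROADCAST = 0x01, A6_CARRIES_B = 0x0B }; /* assumed values */

/* Protocol B: reads the flag its caller left in pinfo->private_data. */
static int dissect_b(const unsigned char *b, size_t len, packet_info *pinfo)
{
    const bool *is_broadcast = pinfo->private_data;
    (void)b; (void)len;
    if (is_broadcast == NULL)   /* called without A in front: nothing to dereference */
        return B_NO_CONTEXT;
    return *is_broadcast ? B_BROADCAST : B_DIRECT;
}

/* Protocol A: A2 holds the broadcast flag, A6 says whether B follows. */
static int dissect_a(const unsigned char *pkt, size_t len, packet_info *pinfo)
{
    if (len < A_HDR_LEN || pkt[6] != A6_CARRIES_B)
        return A_NOT_B;

    void *saved = pinfo->private_data;          /* an outer layer may own this slot */
    bool is_broadcast = (pkt[2] == A2_BROADCAST);
    pinfo->private_data = &is_broadcast;        /* valid only during the call below */
    int result = dissect_b(pkt + A_HDR_LEN, len - A_HDR_LEN, pinfo);
    pinfo->private_data = saved;                /* never leave a pointer to a dead local */
    return result;
}

/* Constructed packet A0..A6 B0; returns -99 if the outer layer's pointer was lost. */
static int run_case(unsigned char a2, unsigned char a6)
{
    int outer_state = 0;
    packet_info pinfo = { &outer_state };
    const unsigned char pkt[] = { 0, 0, a2, 0, 0, 0, a6, 0xAA };
    int result = dissect_a(pkt, sizeof pkt, &pinfo);
    return pinfo.private_data == &outer_state ? result : -99;
}

int main(void)
{
    return run_case(A2_BROADCAST, A6_CARRIES_B) == B_BROADCAST ? 0 : 1;
}
```

The flag lives on dissect_a()'s stack, so the restore before returning is what keeps a later reader of private_data from following a dangling pointer.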


