Re: Passing data from Plugin dissector to a standard wireshark dissector (i.e. TCP)

[hammad kabir <hammadsatti () gmail com>]

Hi Mike,

This should have been easy. Apparently other wireshark dissector codes also
make use of it. I don't know why I never thought this through earlier.
Eitherway, Thanks alot for your help.


Regards,
Hammad Kabir



On Sat, Aug 25, 2012 at 10:03 PM, Mike Morrin <morrinmike () gmail com> wrote:

> On 25/08/2012 15:06, hammad kabir wrote:
>
> > Hi again,
> >
> > Any one having any other idea here. To put it short, I have written a
> > plugin dissector for a custom protocol which works fine in wireshark,
> > but as a next step I want rest of packet data to be decoded by a higher
> > layer protocol dissector of wireshark (e.g. TCP or UDP, depending on a
> > field value of custom protocol). Can you please guide me, as to what
> > steps should I take in to account to get this task done.
>
>
> In this respect a plug in dissector is the same as a built in dissector.
>
> Declare dissector handles:
> static dissector_handle_t udp_handle, tcp_handle;
>
> Define a function such as:
> void proto_reg_handoff_your_**dissector_name(void)
> {
>     udp_handle = find_dissector("udp");
>     tcp_handle = find_dissector("tcp");
> }
>
> Then in your dissector code:
> {
> ...
>    if (is_udp)
>      call_dissector(udp_handle, next_tvb, pinfo, tree);
>    else
>      call_dissector(tcp_handle, next_tvb, pinfo, tree);
> }
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe