Wireshark mailing list archives

Re: query regarding handoff function


From: Guy Harris <guy () alum mit edu>
Date: Mon, 17 Feb 2014 02:44:33 -0800


On Feb 17, 2014, at 12:45 AM, Anders Broman <anders.broman () ericsson com> wrote:

On Feb 17, 2014, at 08:29 AM, Rahul Rohit wrote:

If the handoff function includes all those protocols to which the packets can be forwarded for dissection from the 
current protocol, why does the handoff function for sctp not contain the handle of the NBAP protocol (as, depending on 
the port value, the packets from sctp can be forwarded to NBAP protocols, why is the NBAP handle not in the sctp handoff 
function)?
 
Because that’s not the way it works :-)
 
proto_reg_handoff_sctp()
 
Is called so the SCTP dissector can do its own registrations.
 
In void proto_register_sctp(void) the SCTP dissector registers two dissector tables:
 
sctp_port_dissector_table = register_dissector_table("sctp.port", "SCTP port", FT_UINT16, BASE_DEC);
sctp_ppi_dissector_table  = register_dissector_table("sctp.ppi",  "SCTP payload protocol identifier", FT_UINT32, BASE_HEX);
 
Any dissector wanting to be called from the SCTP dissector needs to register in those tables in its own handoff 
routine. 

I.e., if protocol X has a payload that could be protocol Y, or Z, or W, depending on some value known to protocol X, it 
is not the responsibility of the dissector for protocol X to know about protocols Y, Z, and W, it's the 
responsibility of the dissectors for protocols Y, Z, and W to know about protocol X and the appropriate values.

Therefore, the SCTP dissector doesn't need to know about the protocols that run on top of it; those protocols need to 
know about the SCTP port and PPI fields and the values that their protocols use.

That way, when a dissector for a new protocol is added, you don't have to change the dissector for the protocols atop 
which that protocol runs, you only have to add the new dissector.  For example, if some protocol uses the Ethernet type 
0xDEAD, you can add a dissector for that protocol without having to modify the "Ethertype" dissector; you just have 
that dissector register its handle in the "ethertype" dissector table, with the value 0xDEAD.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
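
The registration pattern described in the message above, as an added example that is not part of the original post and is not Wireshark code: a self-contained C model in which the lower protocol owns value-keyed tables and an upper protocol adds itself to one of them from its own handoff routine. All toy_* names and signatures are hypothetical, and the PPI value 0x19, port 5000 and the PPI-then-port lookup order are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model of a dissector table. All toy_* names are hypothetical, not Wireshark's API. */
typedef const char *(*toy_dissector_t)(const uint8_t *data, size_t len);
typedef struct { uint32_t value; toy_dissector_t fn; } toy_entry_t;
typedef struct { const char *name; toy_entry_t entry[8]; size_t n; } toy_table_t;
static toy_table_t toy_tables[4];
static size_t toy_ntables;

/* Called by the lower protocol from its register routine. */
toy_table_t *toy_register_table(const char *name) {
    if (toy_ntables == 4) return NULL;
    toy_table_t *t = &toy_tables[toy_ntables++];
    t->name = name; t->n = 0;
    return t;
}
/* Called by an upper protocol from its handoff routine; -1 if the table does not exist yet. */
int toy_add_uint(const char *table, uint32_t value, toy_dissector_t fn) {
    for (size_t i = 0; i < toy_ntables; i++) {
        toy_table_t *t = &toy_tables[i];
        if (strcmp(t->name, table) != 0 || t->n == 8) continue;
        t->entry[t->n++] = (toy_entry_t){ value, fn };
        return 0;
    }
    return -1;
}
/* Lookup by value; NULL means no dissector claimed it. */
const char *toy_try_uint(const toy_table_t *t, uint32_t value, const uint8_t *d, size_t n) {
    for (size_t i = 0; t && i < t->n; i++)
        if (t->entry[i].value == value) return t->entry[i].fn(d, n);
    return NULL;
}
/* Lower protocol: owns the tables, never names the protocols above it. */
static toy_table_t *toy_port_table, *toy_ppi_table;
void toy_proto_register_sctp(void) {
    toy_port_table = toy_register_table("sctp.port");
    toy_ppi_table  = toy_register_table("sctp.ppi");
}
const char *toy_dissect_sctp_payload(uint16_t port, uint32_t ppi, const uint8_t *d, size_t n) {
    const char *r = toy_try_uint(toy_ppi_table, ppi, d, n); /* PPI-then-port order is this model's choice */
    if (!r) r = toy_try_uint(toy_port_table, port, d, n);
    return r ? r : "data";
}
/* Upper protocol: registers itself. PPI 0x19 is a constructed sample value. */
static const char *toy_dissect_nbap(const uint8_t *d, size_t n) { (void)d; (void)n; return "nbap"; }
int toy_proto_reg_handoff_nbap(void) { return toy_add_uint("sctp.ppi", 0x19, toy_dissect_nbap); }

int main(void) { toy_proto_register_sctp(); toy_proto_reg_handoff_nbap(); puts(toy_dissect_sctp_payload(5000, 0x19, NULL, 0)); return 0; }
```

In this model a handoff call made before the table has been registered returns -1, and a payload whose PPI and port nobody registered falls through to "data".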

