Wireshark mailing list archives

Re: New dissector between existing protocols


From: Juan Jose Martin Carrascosa <juanjo () rti com>
Date: Thu, 27 Nov 2014 13:04:42 +0100

Hi again,

I have been reading some source code (UDP), and I have found the following:

1) When the dissection is completed, we call "decode_udp_ports".
2) Within this function, we get a subset of the tvb with
   next_tvb = tvb_new_subset(tvb, offset, len, reported_len);
3) We provide that subset to the heuristic dissectors registered with
   call_heur_dissector_direct(udp_p_info->heur_dtbl_entry, next_tvb, pinfo, tree, NULL);

I will assume that this is the way to go and I will implement it like this.

Thanks!
Juanjo Martin

On Thu, Nov 27, 2014 at 12:09 PM, Juan Jose Martin Carrascosa <
juanjo () rti com> wrote:

Hi all!

I have to implement a new dissector that goes between TCP and RTPS. The
name is not decided yet so let's call it XXX. I wonder, what is the best
way to proceed here:

1) Currently, RTPS is already registered with UDP and TCP. Register it
also with XXX. I don't know what steps I need to do in the XXX dissector
to let other dissectors listen to this one...

2) Do an #include packet-rtps.h in the packet-xxx.c dissector and call the
function dissect_rtps with its parameters.

3) Another approach that I am not aware of but that you consider right.

Please, in case the proper way to do things is number one, can you point
me to any example or documentation? I am planning to provide this to the
Wireshark community and I want to do it correctly.

If you need any extra information, please let me know.

Thanks,
Juanjo Martin

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
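
Option 1 from the original question (the middle layer exposes a table that upper-layer dissectors register with, and passes them a subset tvb bounded to the declared payload), sketched with Wireshark's Lua API as an added example; it is not code from this thread or from the Wireshark source. The protocol name "xxx", the 3-byte header layout, the table name "xxx.type", TCP port 47400 and type value 1 are hypothetical, and looking up the RTPS dissector by the name "rtps" is an assumption.

```lua
-- Hypothetical "XXX" framing: 1-byte payload type, 2-byte big-endian payload length.
-- Handles one frame per call; several frames in one segment are not looped over here.
local xxx = Proto("xxx", "XXX Framing (hypothetical)")
local f_type = ProtoField.uint8("xxx.type", "Payload type", base.DEC)
local f_len  = ProtoField.uint16("xxx.length", "Payload length", base.DEC)
xxx.fields = { f_type, f_len }

-- Table that upper-layer dissectors register with, keyed on the type byte.
local payload_table = DissectorTable.new("xxx.type", "XXX payload type", ftypes.UINT8, base.DEC)

local HDR_LEN = 3

function xxx.dissector(tvb, pinfo, tree)
    local avail = tvb:len()
    if avail < HDR_LEN then
        -- Header split across TCP segments: ask TCP for more data.
        pinfo.desegment_offset = 0
        pinfo.desegment_len = DESEGMENT_ONE_MORE_SEGMENT
        return
    end
    local ptype = tvb(0, 1):uint()
    local plen  = tvb(1, 2):uint()
    if avail < HDR_LEN + plen then
        -- Declared length exceeds the bytes held: request the rest, never read past them.
        pinfo.desegment_offset = 0
        pinfo.desegment_len = HDR_LEN + plen - avail
        return
    end
    pinfo.cols.protocol = "XXX"
    local sub = tree:add(xxx, tvb(0, HDR_LEN))
    sub:add(f_type, tvb(0, 1))
    sub:add(f_len, tvb(1, 2))
    if plen > 0 then
        -- Hand the next layer a subset tvb limited to the declared payload.
        local next_tvb = tvb(HDR_LEN, plen):tvb()
        payload_table:try(ptype, next_tvb, pinfo, tree)
    end
    return HDR_LEN + plen
end

-- Hypothetical TCP port for XXX.
DissectorTable.get("tcp.port"):add(47400, xxx)

-- Assumption: the RTPS dissector can be looked up by the name "rtps".
local ok, rtps = pcall(Dissector.get, "rtps")
if ok and rtps then
    payload_table:add(1, rtps)  -- hypothetical type value for RTPS
end
```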