Re: Enabling protocol in Decode As dialog

[Guy Harris <guy () alum mit edu>]

On Jun 10, 2016, at 10:40 AM, Robert Cragie <robert.cragie () gridmerge com> wrote:

> It's more like a tunnelling protocol e.g. L2TP where L2 runs atop a L4 protocol - which is not "conventional".

"Conventional" is irrelevant to Wireshark - from the standpoint of Wireshark, X runs atop Y if:

        Y has a mechanism for handing its payload to other dissectors;

        X's dissector is one of the ones to which it can hand its payload;

regardless of where X and Y "normally" happen to live in the protocol stack.

So, if protocol Y has a dissector table and thus also has support for "decode as", registering X's dissector with Y is 
done the same way regardless of whether the layering is "conventional" or not; "unconventional" must not affect how you 
think of setting up your dissector - or how you ask about how to set up your dissector.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe