Wireshark mailing list archives

Re: How to get calling dissector


From: Roland Knall <rknall () gmail com>
Date: Mon, 29 Jan 2018 18:03:37 +0100

Short answer: packet_info->layers should get you the list of protocols
called before yours. If you iterate, you should see the other protocols
before yours. In packet.c:754 you see the code adding to the list.

Not sure, though, how stable that interface is. It is pretty in-depth for
span, so you should be safe to use it, but not sure if it is official, or
if there is another way.

cheers
Roland

On Sun, Jan 28, 2018 at 10:59 PM, Uli Heilmeier <uh () heilmeier eu> wrote:

Hi all,

TL;DR:
How does a dissector know which dissector called it?

Long version:
I’m currently implementing a dissector for „Session Multiplex Protocol“
(SMP) [1] requested in bug 14110 [2].
The Tabular Data Stream (TDS; MS SQL Server) protocol depends on SMP when
using the MARS feature [3].

SMP runs on top of TCP and is a session layer protocol. SMP, however, has no
identifier to specify the next protocol.
When TDS uses SMP, the SMP payload itself is TDS, resulting in the dissector
stack: Ethernet/IP/TCP/TDS/SMP/TDS.

I want to call the TDS dissector for the SMP payload data only when it was
called by TDS. Otherwise just display the data as hex.
How can I get the information which dissector called my dissector?

Any ideas are welcome. Thanks!

[1]: https://msdn.microsoft.com/en-us/library/cc219643.aspx
[2]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14110
[3]: https://docs.microsoft.com/en-us/sql/relational-databases/native-client/features/using-multiple-active-result-sets-mars

Cheers Uli
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
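
The caller check discussed in this thread, as an added example that is not code from either poster or from Wireshark: it models the `packet_info->layers` list as a plain array of protocol ids, innermost last, and hands the SMP payload to TDS only when TDS is the layer directly below SMP. The ids, sample stacks and function names are constructed for illustration, and it assumes the dissector's own id is already on the list when it runs.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed protocol ids; a real dissector gets its ids at registration. */
enum { P_ETH = 1, P_IP, P_TCP, P_TDS, P_SMP };

typedef enum { SHOW_AS_DATA, DISSECT_AS_TDS } smp_action;

/* Constructed sample stacks, outermost layer first. */
static const int STACK_VIA_TDS[]    = { P_ETH, P_IP, P_TCP, P_TDS, P_SMP };
static const int STACK_VIA_TCP[]    = { P_ETH, P_IP, P_TCP, P_SMP };
static const int STACK_TDS_FAR[]    = { P_ETH, P_IP, P_TCP, P_TDS, P_TCP, P_SMP };

/* Return the id of the layer directly below the innermost `self` entry,
 * or -1 if `self` is not on the list or is the outermost layer. */
static int calling_proto(const int *layers, size_t n, int self)
{
    for (size_t i = n; i-- > 0; ) {
        if (layers[i] == self)
            return i > 0 ? layers[i - 1] : -1;
    }
    return -1;
}

/* Decide what to do with the SMP payload. Only the immediate caller counts:
 * a TDS layer further out in the stack says nothing about this payload, so
 * the fallback is to show the bytes as raw data rather than guess. */
static smp_action smp_payload_action(const int *layers, size_t n)
{
    return calling_proto(layers, n, P_SMP) == P_TDS ? DISSECT_AS_TDS
                                                    : SHOW_AS_DATA;
}

int main(void)
{
    printf("called by TDS:     %d\n", smp_payload_action(STACK_VIA_TDS, 5));
    printf("called by TCP:     %d\n", smp_payload_action(STACK_VIA_TCP, 4));
    printf("TDS not adjacent:  %d\n", smp_payload_action(STACK_TDS_FAR, 6));
    return 0;
}
```

In a real dissector the same backward walk would go over `pinfo->layers` with `wmem_list_tail()`, `wmem_list_frame_prev()` and `wmem_list_frame_data()` instead of array indexing.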