Re: How to get calling dissector

[Dario Lombardo <dario.lombardo.ml () gmail com>]

If you're interested in knowing if the layers contain a specific
protocol, proto_is_frame_protocol could be your choice. However, this
doesn't give you the previous layer.

On Mon, Jan 29, 2018 at 6:03 PM, Roland Knall <rknall () gmail com> wrote:

> Short answer: packet_info->layers should get you the list of protocols
> called before yours. If you iterate, you should see the other protocols
> before yours. In packet.c:754 you see the code adding to the list.
>
> Not sure though, how stable that interface is. It is pretty in-depth for
> span, so you should be save to use it, but not sure, if it is official, or
> if there is another way.
>
> cheers
> Roland
>
> On Sun, Jan 28, 2018 at 10:59 PM, Uli Heilmeier <uh () heilmeier eu> wrote:
>
> > Hi all,
> >
> > TL,DR:
> > How does a dissector know which dissector called it?
> >
> > Long version:
> > I’m currently implementing a dissector for „Session Multiplex Protocol“
> > (SMP) [1] requested in bug 14110 [2].
> > The Tabular Data Stream (TDS; MS SQL Server) protocol depends on SMP when
> > using the MARS feature [3].
> >
> > SMP runs on top of TCP and is a session layer protocol. SMP however has
> > no identifier to specify the next protocol.
> > When TDS uses SMP the SMP payload itself is TDS. Resulting in dissector
> > stack: Ethernet/IP/TCP/TDS/SMP/TDS.
> >
> > I want to call the TDS dissector for the SMP payload data only when it
> > was called by TDS. Otherwise just display the data as hex.
> > How can I get the information which dissector called my dissector?
> >
> > Any ideas are welcome. Thanks!
> >
> > [1]: https://msdn.microsoft.com/en-us/library/cc219643.aspx
> > [2]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14110
> > [3]: https://docs.microsoft.com/en-us/sql/relational-databases/na
> > tive-client/features/using-multiple-active-result-sets-mars
> >
> > Cheers Uli
> > ____________________________________________________________
> > _______________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    https://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org?subject=unsubscr
> > ibe
>
>
>
> ____________________________________________________________
> _______________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org?subject=
> unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe