Wireshark-dev: [Wireshark-dev] Disectors & conversations
From: "Cook, Timothy" <tcook@xxxxxxxxxxxxxxxxxx>
Date: Wed, 21 Jun 2006 11:38:31 -0400
We have written a new dissector for Wireshark.  Using the the README.developer (plus other dissector examples) made the creation very simple (thanks for the detailed info).
 
My dissector hooks TCP port 1000.
 
How can I hook TCP packets (SYN/FIN/RST/...) and change the Protocol column data to mimic the respective dissector.
 
I want to be able to filter based on the protocol & get the whole conversation, including the channel open & close.
 
 
-Tim