Wireshark-dev: Re: [Wireshark-dev] Passing data from Plugin dissector to a standard wireshark d
Hi again,
Does anyone have any other idea here? To put it short, I have written a plugin dissector for a custom protocol which works fine in Wireshark, but as a next step I want the rest of the packet data to be decoded by a higher layer protocol dissector of Wireshark (e.g. TCP or UDP, depending on a field value of the custom protocol). Can you please guide me as to what steps I should take into account to get this task done?
Additional Info:
Platform being used is Ubuntu
Programming Language is C or C++
I am counting a lot on anyone's help. So please help me here.
Thanks and Regards,
Hammad Kabir
On Sun, Aug 12, 2012 at 2:57 PM, Martin Kaiser <lists@xxxxxxxxx> wrote:
Hi Hammad,
Thus wrote hammad kabir (hammadsatti@xxxxxxxxx):
> I have recently implemented a Wireshark dissector of a relatively
> simple protocol (let's call the protocol COOL) for a project of
> mine. This dissector gets the data from the IP layer and then parses it
> according to the protocol definition of the COOL protocol. (So far it's good.)
> But the next step involves passing the data from the COOL protocol (which is
> a plugin dissector in my case) to the TCP protocol for further dissection
> of the packet. However, I am having a difficult time getting this
> (latter) task done.
A while ago, I added dissection of DVB-CI messages that contain a tcp or
udp part. Have a look at epan/dissectors/packet-dvbci.c. When the
connection is opened, I call store_lsc_msg_dissector() and try to find
the matching dissector for the selected tcp (or udp) port.
Later in dissect_dvbci_payload_lsc(), case
T_COMMS_SEND_LAST..., I call the tcp dissector using call_dissector()
and pass the message tvb as a parameter.
Is this similar to your task?
Regards,
Martin
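
The approach described in the reply above (look up a handle for the tcp or udp dissector, then call it with the rest of the packet), as an added example that is not part of the thread and is not taken from packet-dvbci.c. It is written as a Wireshark Lua dissector so it loads without a build; in a C plugin the corresponding calls are find_dissector() and call_dissector(). The COOL header layout (selector byte, header-length byte) and the use of IP protocol number 253 are assumptions made for illustration.

```lua
-- Added example. Hypothetical COOL layout (assumed, not from the thread):
--   byte 0 = next-protocol selector (6 = TCP, 17 = UDP)
--   byte 1 = COOL header length in bytes (minimum 2)
--   then the encapsulated TCP or UDP segment
local cool = Proto("cool", "COOL Protocol (example)")

local f_next = ProtoField.uint8("cool.next", "Next protocol", base.DEC)
local f_hlen = ProtoField.uint8("cool.hlen", "Header length", base.DEC)
cool.fields = { f_next, f_hlen }

local e_bad_hlen = ProtoExpert.new("cool.bad_hlen", "Header length out of range",
                                   expert.group.MALFORMED, expert.severity.ERROR)
cool.experts = { e_bad_hlen }

-- Handles to the built-in dissectors, looked up once when the script loads.
local next_dissector = {
    [6]  = Dissector.get("tcp"),
    [17] = Dissector.get("udp"),
}
local data_dissector = Dissector.get("data")

function cool.dissector(tvb, pinfo, tree)
    if tvb:len() < 2 then return 0 end          -- too short to be COOL
    pinfo.cols.protocol = "COOL"

    local subtree = tree:add(cool, tvb(0, 2))
    subtree:add(f_next, tvb(0, 1))
    local hlen_item = subtree:add(f_hlen, tvb(1, 1))
    local next_proto = tvb(0, 1):uint()
    local hlen = tvb(1, 1):uint()

    -- The length field comes from the wire: validate it before using it
    -- as an offset, and flag the packet instead of reading past the end.
    if hlen < 2 or hlen > tvb:len() then
        hlen_item:add_proto_expert_info(e_bad_hlen)
        return tvb:len()
    end
    subtree:set_len(hlen)
    if hlen == tvb:len() then return hlen end   -- header only, no payload

    -- Hand the remaining bytes to the dissector chosen by the field value;
    -- unknown selector values fall back to the generic "data" dissector.
    local payload = tvb(hlen):tvb()
    local handle = next_dissector[next_proto] or data_dissector
    handle:call(payload, pinfo, tree)
    return tvb:len()
end

-- Assumption: COOL rides directly on IP with protocol number 253.
DissectorTable.get("ip.proto"):add(253, cool)
```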