> I wrote a heuristic packet dissector and it doesn't show up under the list
> of "Decode As..." options. I searched through the code and found that the
> Decode As function loads the following dissector tables:
>
> dissector_table_foreach("tcp.port", decode_add_to_clist, &info);
> dissector_table_foreach("udp.port", decode_add_to_clist, &info);
> dissector_conv_foreach("udp", decode_add_to_clist, &info);
>
> It never adds any of the heuristic dissectors to the list...this is a huge
> problem because right I can't change how my packet is being decoded!
That's because heuristic dissectors do not have the same calling
sequence as non-heuristic dissectors, and thus cannot be used in the
exact same places (e.g., "Decode As...") as non-heuristic dissectors.
You should, instead, write a *NON*-heuristic dissector for that protocol
(if you're explicitly telling Ethereal to use that dissector for
particular ports, the heuristic checks are pointless), and make the
heuristic dissector call the non-heuristic dissector if the packet
passes the tests:
gboolean
dissect_XXX_heur(...)
{
if (the heuristic tests fail)
return FALSE;
dissect_XXX(...);
return TRUE;
}
