Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] [Patch] update to packet-newmail.c
From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Wed, 4 Oct 2006 01:54:41 +1000
since this uses a ephemeral port number which changes between runs you should not register the dissector to the port itself
much better is to once you have detected that port A on host B uses that protocol
you create a conversation for host B port A and register the dissector for that particular protocol.
you can see examples of how this is done in (i think) the dissector for portmapper
On 10/3/06, Stephen Fisher <stephentfisher@xxxxxxxxx> wrote:
Attached is a patch that changes packet-newmail.c to always register
itself on the port from the preferences (defaults to 0) upon launch.
This allows the user to right-click and use decode as. Currently, the
dissector only registers itself when the default port number changes
from 0 or by packet-dcerpc-mapi.c when a MAPI register push notification
packet is seen.
Thanks,
Steve
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
- Follow-Ups:
- Re: [Wireshark-dev] [Patch] update to packet-newmail.c
- From: Stephen Fisher
- Re: [Wireshark-dev] [Patch] update to packet-newmail.c
- References:
- [Wireshark-dev] [Patch] update to packet-newmail.c
- From: Stephen Fisher
- [Wireshark-dev] [Patch] update to packet-newmail.c
- Prev by Date: [Wireshark-dev] Improve Tcap oid management
- Next by Date: Re: [Wireshark-dev] Patch for BACnet (packet-bacapp.c/.h)
- Previous by thread: Re: [Wireshark-dev] [Patch] update to packet-newmail.c
- Next by thread: Re: [Wireshark-dev] [Patch] update to packet-newmail.c
- Index(es):