Hal Lander wrote:
There is a function
/* Find a dissector table by table name. */
extern dissector_table_t find_dissector_table(const char *name);
So after I have added my heuristic dissector I should be able to call
tbl=find_dissector_table("tcp");
and see my dissector?
No, because that's the table for dissectors registered with particular
TCP port numbers. The call to get the table for heuristic dissectors is
tbl = find_heur_dissector_list("tcp");
Does anybody have a code snippit to show how to loop the table and see the
dissectors?
No, because there is currently no way to do that.
Where is the table structure defined?
Internally to epan/packet.c; it's opaque to dissectors. That is by
design and intent.
Dissectors should not need to loop the table and see the dissectors;
dissectors should be written in such a way as to be completely
independent of the contents of a heuristic dissector table in which
they're registered.
Most importantantly what determines the order in which the heuristic
dissectors are called,
The order in which the dissectors are added to that table.
and how can I make sure mine is called first?
We do not offer any mechanism to control the order in which dissectors
are added to the table; this is by design and intent. If another
dissector happens to be before your dissector in the table, and happens
to claim a packet that's a packet for your protocol, that means that
it's claiming a packet that's not a packet for its protocol, which means
its heuristics are too weak and it needs to be fixed.
