Wireshark-dev: Re: [Wireshark-dev] Dissecting multiple protocol headers in a single plugin

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 03 Apr 2007 11:01:18 -0700

Bob Doolittle wrote:

Looking at packet.c, it appears that the type of the HF name
I'm passing as the first arg doesn't map to an acceptable type,
but in fact I've declared that field with type FT_UINT8,
which should be fine.  Another possibility is that the
fields haven't been registered yet so aren't recognized (it
would be nice if this were a separate, distinguishable
assertion error :(), but I only call the proto_register_*
routine for the sub-layer after the proto_register_*
for the higher layer has returned successfully, so I'd expect
the fields to be registered at that point.

Another possibility is that the first argument to dissector_add() is the name of a dissector table, not the name of a field, even though dissector tables are often - but *NOT* always! - given the same name as a field whose value is used as the key for looking up entries in that dissector table.

That's the correct possibility. Dissector tables are not automatically created for fields; you need to create the dissector table explicitly with a call to register_dissector_table().