ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Calling other dissectors and returning

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Kevin A. Noll" <spamknoll@xxxxxxxxxxxxx>
Date: Thu, 03 May 2007 11:02:29 -0400

What I've done so far has been contributed in bugzilla ticket 1522. I added
very high-level information to the decode that was already in the WLCCP
dissector.

I'm just now trying to dig deeper.

I'll give your example a try and see what happens.

Thanks!

--kan--
--
Kevin A. Noll, KD4WOZ
CCIE, CCDP
Versatile, Inc.		
Kevin.Noll@xxxxxxxxxxxxx
+1-717-796-1936

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Joerg Mayer
Sent: Thursday, May 03, 2007 10:40 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Calling other dissectors and returning

On Thu, May 03, 2007 at 10:07:22AM -0400, Kevin A. Noll wrote:
> I am trying to finish writing additional decode details for the WLCCP 
> dissector. In places, though, the WLCCP protocol carries other 
> protocol data that I'd like to decode, but not re-write the code.

Nice. Can you send in what you already have?

> I know I can call other dissectors, but it's not apparent to me (an 
> amateur) how or if they return to the original dissector, which is 
> what I would need to do. For example, WLCCP can embed EAPOL messages as
follows:
> 
> 
> 1. Generic WLCCP Headers
> 2. WLCCP Message-Type Specific Headers 2a. Embedded EAPOL 3. More 
> WLCCP Message-Type Specific Data 4. Possibly some variable TLV 
> information
> 
> 
> I need to be able to call the external EAPOL dissector and return to 
> the WLCCP dissector to finish dissecting the WLCCP headers and TLVs.
> 
> I would be much obliged if someone could give me a pointer on how to 
> do this and/or to a dissector that does something similar.

have a look at packet-radius.c and how eap support is handlered there.
In short:

proto_reg_handoff_radius(void)
	...
        eap_handle = find_dissector("eap");

And further up: 

	call_dissector(eap_handle, eap_tvb, pinfo, eap_tree);

Ciao
   Joerg
-- 
Joerg Mayer                                           <jmayer@xxxxxxxxx>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube