
Wireshark-dev: Re: [Wireshark-dev] what parameters for dissector_add() for a non-nested protoco

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Tue, 17 Jul 2007 08:40:00 -0700
Fulko.Hew@xxxxxxxxx wrote:
Wow. thanks for that great explanation.
It makes me wonder if I'm not missing any API documentation somewhere?

And if I'm not... stuff like this should be there.
It would certainly save you a lot of time answering
what are probably basic developer philosophy issues.

BTW. I have read the README.developer, the "developer's guide",
the 'coding for Ethereal' chapter from the Syngress book, and
the Wiki, but nowhere did I see info as clear as your response here.

Some day, we should probably add a lot more stuff to the developer documentation - and perhaps figure out what belongs in the developer's guide and what belongs in README.* files. I'll look at adding stuff to README.developer, at least, when I have some time.

The distinction between the two cases you give is not a distinction
that the Wiretap code makes, nor is it a distinction that we want to
make in the documentation.

Then what _is_ the significance of the distinction?

None, really, from the standpoint of the Wireshark core. The underlying mechanisms for dissector tables are intended to let you choose a dissector based on a numeric or string value, regardless of where that numeric or string value came from.

and/or why are there two routines?

To which two routines are you referring?

Is there another API called disect_data(), or do you mean
calling call_dissector(my_handle, ...), or
something completely different?

There is, but you should call it through a handle (handles, among other things, allow dissectors with different APIs - "old-style" and "new-style" dissectors - to be called without the caller knowing or caring what API the dissector uses; they also allow plugins to get hold of dissectors defined in other plugins, and to get hold of dissectors defined in libwireshark on Windows without libwireshark having to export them in libwireshark.def).

You'd declare

	static dissector_handle_t data_handle;

and, if dissector_try_port() fails, do

	call_dissector(data_handle, tvb, pinfo, tree);

and, in your register-handoff routine, do

	data_handle = find_dissector("data");
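
The fallback pattern described in the message above, as an added example that is not part of the original post and is not Wireshark code: a self-contained C model in which every `demo_` name is a hypothetical stand-in for the dissector table, the handles and the "data" dissector. It goes slightly beyond the message by calling an old-style and a new-style dissector through the same handle type.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Self-contained model; every demo_ name is a stand-in, not Wireshark's API. */
typedef void (*demo_old_fn)(const uint8_t *b, size_t n, char *out);
typedef int (*demo_new_fn)(const uint8_t *b, size_t n, char *out);
/* A handle hides which calling convention the dissector behind it uses. */
typedef struct { const char *name; demo_old_fn old_fn; demo_new_fn new_fn; } demo_handle;

/* Old-style: always accepts; stands in for showing the payload as raw data. */
static void demo_data(const uint8_t *b, size_t n, char *out) { (void)b; (void)n; strcpy(out, "data"); }
/* New-style: returns bytes consumed, or 0 to reject a payload that is not its own. */
static int demo_foo(const uint8_t *b, size_t n, char *out) {
    if (n < 2 || b[0] != 0x01) return 0;
    strcpy(out, "foo");
    return (int)n;
}
static const demo_handle demo_registry[] = { {"data", demo_data, NULL}, {"foo", NULL, demo_foo} };
/* Constructed table: numeric value 0x10 selects "foo". */
static const struct { uint32_t value; const char *name; } demo_table[] = { {0x10, "foo"} };

/* Find a handle by name, as the handoff routine does for "data". */
static const demo_handle *demo_find(const char *name) {
    for (size_t i = 0; i < sizeof demo_registry / sizeof demo_registry[0]; i++)
        if (strcmp(demo_registry[i].name, name) == 0) return &demo_registry[i];
    return NULL;
}
/* Call through the handle; the caller never sees which API is behind it. */
static int demo_call(const demo_handle *h, const uint8_t *b, size_t n, char *out) {
    if (h->new_fn) return h->new_fn(b, n, out);
    h->old_fn(b, n, out);
    return (int)n;
}
/* Table lookup: 0 when no entry matches or the matched dissector rejects. */
static int demo_try(uint32_t value, const uint8_t *b, size_t n, char *out) {
    for (size_t i = 0; i < sizeof demo_table / sizeof demo_table[0]; i++)
        if (demo_table[i].value == value)
            return demo_call(demo_find(demo_table[i].name), b, n, out);
    return 0;
}
/* Parent dissector: try the table, then fall back to the "data" handle. */
const char *demo_dissect(uint32_t value, const uint8_t *b, size_t n, char *out) {
    if (!demo_try(value, b, n, out)) demo_call(demo_find("data"), b, n, out);
    return out;
}
int main(void) {   /* constructed payload that "foo" rejects, so "data" is used */
    char out[8]; const uint8_t pkt[] = {0x7F, 0xAA};
    return puts(demo_dissect(0x10, pkt, sizeof pkt, out)) < 0;
}
```

The fallback matters for unknown or malformed traffic: a payload that no registered dissector claims still gets handed to something that displays it, instead of being silently skipped.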