Wireshark-dev: [Wireshark-dev] how to link rtp.p_type to different protocol version for dissect
Date: Wed, 22 Oct 2008 11:24:22 +0200
Hi, I've got a working plugin / dissector for ISMACryp 1.1 that I'm currently cleaning up and still checking for bit parsing, but I'd like your help on handling different ISMACryp versions. ISMACryp 1.1 is triggered by an RTP payload type "enc-mpeg4-generic" ISMACryp 2.0 is triggered by an RTP payload type "enc-isoff-generic" I've done ISMACryp 1.1 but would like to at least have a placeholder for ISMACryp 2.0, I think that would help other contributors. Is something like this possible?: /* not sure how to do this, try to display correct ismacryp version according to rtp payload type if defined *rtp.p_type? *if (check_col(pinfo->cinfo, COL_PROTOCOL) & pinfo->cinfo->rtp.p_type== "enc-mpeg4-generic")) * col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_ISMACRYP_11); *if (check_col(pinfo->cinfo, COL_PROTOCOL) & check_col(pinfo->rtp.p_type, "enc-isoff-generic")) * col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_ISMACRYP_20); */ Not sure how to switch in dissection e.g. before if (tree) ???? For automatic association to ISMACryp (info sent via SAP/SDP) or preferences, I have: void proto_reg_handoff_ismacryp(void) { static gboolean ismacryp_prefs_initialized=FALSE; if (!ismacryp_prefs_initialized) { ismacryp_handle = create_dissector_handle(dissect_ismacryp, proto_ismacryp); ismacryp_prefs_initialized = TRUE; dynamic_payload_type=0; } else { /* ismacryp_prefs_initialized = TRUE */ /* delete existing association of ismacryp with payload_type */ if ( dynamic_payload_type > 95 ){ dissector_delete("rtp.pt", dynamic_payload_type, ismacryp_handle); } } /* always do the following */ dynamic_payload_type = temp_dynamic_payload_type; /*update payload_type to new value */ if ( dynamic_payload_type > 95 ){ dissector_add("rtp.pt", dynamic_payload_type, ismacryp_handle); } dissector_add_string("rtp_dyn_payload_type", "ISMACRYP", ismacryp_handle); dissector_add_string("rtp_dyn_payload_type", "enc-mpeg4-generic", ismacryp_handle); /* ISMACryp 1.1 */ /*dissector_add_string("rtp_dyn_payload_type", "enc-isoff-generic", ismacryp_handle);*/ /* ISMACryp 2.0 */ } FYI there is no way to inspect the RTP payload to determine whether or not ISMACryp version is 1.1 or 2.0 (and 1.1 is a subset of 2.0). Not sure if there are good examples I can follow or how easy this is, but appreciate any help. Thanks, David ps dissecting ISMACryp and AU headers only, not decrypting encrypted AUs pps ISMACryp encrypts audio / video access units transported over RTP
- Prev by Date: [Wireshark-dev] aclocal-fallback/glib.m4 and gtk.m4 removed from trunk
- Next by Date: [Wireshark-dev] path for tshark dictionaries
- Previous by thread: [Wireshark-dev] aclocal-fallback/glib.m4 and gtk.m4 removed from trunk
- Next by thread: [Wireshark-dev] path for tshark dictionaries
- Index(es):
- Get Wireshark
- Download
- Code of Conduct