Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: [Wireshark-dev] Adding dissector: how to register field array with two protocols?

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Michael Kaufman" <Michael.Kaufman@xxxxxxxxxxxxx>
Date: Thu, 5 Mar 2009 17:54:30 +0200

I am adding dissectors for two proprietary protocols. The protocols differs in encapsulation and header structure, but have the same payload structure.

For each protocol I call proto_register_protocol, create_dissector_handle and proto_register_field_array for protocol header fields. 

The question is: what should I do with the payload fields? Register them twice, i.e. call proto_register_field_array for the payload fields with each protocol? I am not quite understand what is the meaning of field array registration with protocol.

-- 
Michael Kaufman
  • Prev by Date: Re: [Wireshark-dev] A simple question about wireshark: confusion about OICQ protocol analysis
  • Next by Date: Re: [Wireshark-dev] A simple question about wireshark: confusion about OICQ protocol analysis
  • Previous by thread: Re: [Wireshark-dev] Reassembling splitted PPP packets
  • Next by thread: [Wireshark-dev] OS X Install Issues
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation