Wireshark · Ethereal-dev: Re: [Ethereal-dev] protocol handoff still confusing / README.developer out of date / "data" dissecto

Ethereal-dev: Re: [Ethereal-dev] protocol handoff still confusing / README.developer out of da

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Jeff Morriss <jeff_morriss@xxxxxxxxxxx>

Date: Fri, 30 Apr 2004 10:01:18 -0400


Ulf Lamping wrote:

[...]

In the lower layer code, the dissector will create a new tvb usingtvb_new_subset(), and then call the upper layer dissector usingcall_dissector()
The only thing still missing in my understanding is the data_handle inthe call to call_dissector(). At various places I've found:
data_handle = find_dissector("data");

but what's the use of this "data"?

It's useful if the dissector you're implementing has some payload thatyour dissector is not going to (or is not able to) interpret or hand offto another dissector. This payload is considered a blob of "data" andthe "data" dissector just displays how much data there is ("Data (XXbytes)") and allows the blob to be highlighted in the hex-data pane ifyou click on it.

For example if the MTP3 dissector does not find a higher level protocol(e.g., SCCP) to hand its payload off to, instead it hands the payload tothe "data" dissector--this is a simple way to display the rest of thepacket.

References:
- [Ethereal-dev] protocol handoff still confusing / README.developer out of date
  - From: Ulf Lamping

Prev by Date: [Ethereal-dev] Patch for CLNS over Cisco HDLC dissecting
Next by Date: Re: [Ethereal-dev] Re: GUI layout preference, 1st proposal
Previous by thread: [Ethereal-dev] protocol handoff still confusing / README.developer out of date
Next by thread: RE: [Ethereal-dev] [RFC] specially mark protocol fields "generate d" byEthereal?
Index(es):
- Date
- Thread