nimalan s wrote:
1.I.e., there's no port number field in protocol X
that distinguishes between different protocols running
on top of protocol X?
Yes.This protocol dissector runs on top of udp which
is again a transport layer protocol, but a customary
protocol used for specific application only.And X
doesnot have a port number field.
2.Or does it mean that there might be other protocols
running on top of X,but there isn't some single field
that specifies what the other protocol is, so the
decision is based on looking at various fields?
Yes.there are two types of protocols that runs above
X.I have to call each of these dissectors based on
some(many) fields on x.How can i do it?
Have the dissectors for the two protocols running above X register
themselves by name, with a call to "register_dissector()":
register_dissector("y", dissect_y, proto_y);
and
register_dissector("z", dissect_z, proto_z);
and have the dissector for protocol X get handles for those two
dissectors in its "proto_reg_handoff" routine:
static dissector_handle_t y_handle, z_handle;
...
y_handle = find_dissector("y");
z_handle = find_dissector("z");
and call the dissector for protocol "y" with
call_dissector(y_handle, new_tvb, pinfo, tree);
and for protocol "z" with
call_dissector(z_handle, new_tvb, pinfo, tree);
