I see how I can register a port number, and that does work. However, ACN
can be on any port and I don't see a point in the dissector where it is
it can respond to all unassigned ports and accept to decline the packet.
-- Bill
-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx
[mailto:ethereal-dev-bounces@xxxxxxxxxxxx] On Behalf Of Erwin Rol
Sent: Monday, January 09, 2006 10:14 AM
To: Ethereal development
Subject: Re: [Ethereal-dev] Discovery of an UDP protocol dissector
On Mon, 2006-01-09 at 03:23 -0600, Bill Florac wrote:
> Is there a means to have a dissector tell Ethereal that it can dissect
> a packet based on anything other than the port number? If a protocol
> uses multiple ports how can I make so a user does not have to right
> click on each instance and select "decode as"?
>
Yes you have some possibilities, one is when the protocol has a port
number embedded in a network packet, you can dissect that setup packet
and dynamically register that newly found port number for the protocol.
Another solution is to look at the content of the network packet and try
to figure out if that packet is a packet with the wanted protocol (for
example by seeing a magic number at the right place in combination with
a correct checksum or what ever the protocol has for recognizable
fields.) For information on that last way look in the
epan/dissectors/packet-rtp.c for heur_dissector_add, that shows how it
works.
More information can also be found in the doc directory especially
README.developer.
- Erwin
--
Erwin Rol Software Engineering - http://www.erwinrol.com/
tel: +49-(0)8024-479378 gsm: +49-(0)171-6929198 email: info@xxxxxxxxxxxx
_______________________________________________
Ethereal-dev mailing list
Ethereal-dev@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-dev
