Wireshark · Ethereal-dev: RE: [Ethereal-dev] Discovery of an UDP protocol dissector

Ethereal-dev: RE: [Ethereal-dev] Discovery of an UDP protocol dissector

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Erwin Rol <mailinglists@xxxxxxxxxxxx>

Date: Mon, 09 Jan 2006 23:42:20 +0100

Hey Bill,

On Mon, 2006-01-09 at 10:20 -0600, Bill Florac wrote:
> I see how I can register a port number, and that does work. However, ACN
> can be on any port and I don't see a point in the dissector where it is
> it can respond to all unassigned ports and accept to decline the packet.

If you look in the file
http://anonsvn.ethereal.com/ethereal/trunk/epan/dissectors/packet-rtp.c
you see a heur_dissector_add( ..... ) near the end of the file. The
dissect_rtp_heur argument of that call is a function that is called for
all UDP packets received. If you look in this function you see it tries
to figure out if the packet received is a rtp packet or not. If finds
that it isn't a RTP packet it returns FALSE. If it finds it is a RTP
packet it call a normal dissector (that draws the tree view and so on)
and returns TRUE (meaning the packet was handled).

For ACN this would be the same, look for specific fields in the packet
that you can use to recognize an ACN packet, if you are sure it is than
just dissect it, if it isn't ignore it. 

- Erwin

References:
- RE: [Ethereal-dev] Discovery of an UDP protocol dissector
  - From: Bill Florac

Prev by Date: [Ethereal-dev] [Request for comments]: editcap manpage redesigned - changing other manpages as well?
Next by Date: RE: [Ethereal-dev] Multiple/Recursive PDUs
Previous by thread: RE: [Ethereal-dev] Discovery of an UDP protocol dissector
Next by thread: [Ethereal-dev] ASN2ETH for Remote operation Notation, generic functional protocol and some ETSI ISDN features
Index(es):
- Date
- Thread