Ethereal-dev: Re: [Ethereal-dev] help on dissector_add

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>
Date: Tue, 10 Jan 2006 11:40:33 -0800
Kiss Gyula wrote:
Thanks for your valuable info for understanding the problem, however this still doesn't work for me. I tried with "llc.dsap" now but nothing happened. I mean that my dissect_abcd() function is not called. (I have a capture to test with)

Do any packets in that capture have 802.2 packets with a DSAP value equal to the value you used in the dissector_add() call?

If not, *that's* why nothing happened - there are no packets that have the specified DSAP value.

(Note: no dissector should *EVER* register for a DSAP value of 0xAA. Those packets *MUST* be processed by the LLC dissector's SNAP code.)

If your dissector has a particular SNAP PID value, such as 0x0088, assigned to it, then that value *MUST* have been assigned within a particular space of PID values - there isn't a single global space of PID values, there are multiple spaces, each one identified by an IEEE OUI.

The OUI of 00:00:00 is for a space of PIDs that's the same as the space of Ethernet types, but 0x0088 isn't a valid Ethernet type (it's too small).

For the other PID spaces, you would first need to register a "fake" dissector for the OUI for that space; that dissector would then get a dissector table name for the PIDs in its space, and your "abcd" dissector would then register in *that* dissector table.

See "epan/dissectors/packet-nt-oui.c" as an example of one of those "fake dissectors" for a given SNAP OUI, and see "epan/dissectors/packet-nt-sonmp.c" for an example of a dissector that registers with a particular PID (two of them, actually) in the space for that Nortel OUI.
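
Added example, not part of the original message and not Ethereal's code: a small stand-alone model of the lookup described above, showing which table an 802.2 frame is keyed on and why a DSAP registration never sees a SNAP PID. The names (`llc_classify`, `llc_key`, the enum values) and OUI 00:11:22 are hypothetical; the 1-byte control field, the "DSAP and SSAP both 0xAA" SNAP test and the 0x0600 Ethernet type floor are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum llc_table {
    LLC_TRUNCATED,    /* too short to decide */
    LLC_BY_DSAP,      /* plain 802.2: keyed on DSAP ("llc.dsap") */
    LLC_BY_ETHERTYPE, /* SNAP, OUI 00:00:00: PID is an Ethernet type */
    LLC_BY_OUI_PID,   /* SNAP, other OUI: PID table owned by that OUI */
    LLC_NO_TABLE      /* SNAP, OUI 00:00:00, PID too small for an Ethernet type */
};

struct llc_key { enum llc_table table; uint32_t oui; uint16_t value; };

#define SAP_SNAP      0xAA
#define ETHERTYPE_MIN 0x0600 /* assumed smallest valid Ethernet type */

/* Assumes a 1-byte control field (UI frame); SNAP means DSAP and SSAP are 0xAA. */
struct llc_key llc_classify(const uint8_t *p, size_t len)
{
    struct llc_key k = { LLC_TRUNCATED, 0, 0 };
    if (p == NULL || len < 3)            /* DSAP, SSAP, control */
        return k;
    if (p[0] != SAP_SNAP || p[1] != SAP_SNAP) {
        k.table = LLC_BY_DSAP;           /* a DSAP registration can match here */
        k.value = p[0];
        return k;
    }
    if (len < 8)                         /* SNAP adds 3-byte OUI + 2-byte PID */
        return k;
    k.oui   = ((uint32_t)p[3] << 16) | ((uint32_t)p[4] << 8) | p[5];
    k.value = (uint16_t)((p[6] << 8) | p[7]);
    if (k.oui != 0)
        k.table = LLC_BY_OUI_PID;        /* needs the per-OUI "fake" dissector */
    else
        k.table = (k.value >= ETHERTYPE_MIN) ? LLC_BY_ETHERTYPE : LLC_NO_TABLE;
    return k;
}

/* Constructed frames; OUI 00:11:22 is a placeholder, not a real assignment. */
static const uint8_t snap_vendor[] = { 0xAA, 0xAA, 0x03, 0x00, 0x11, 0x22, 0x00, 0x88 };
static const uint8_t snap_zero[]   = { 0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00, 0x00, 0x88 };

int main(void)
{
    struct llc_key k = llc_classify(snap_vendor, sizeof snap_vendor);
    printf("table=%d oui=%06X value=0x%04X\n", (int)k.table, (unsigned)k.oui, (unsigned)k.value);
    return 0;
}
```

Running the same classification over the first bytes of the LLC header in a test capture shows at a glance whether any frame would ever reach a given table.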