Wireshark · Wireshark-dev: Re: [Wireshark-dev] Dissector for H1 protocol not called

Wireshark-dev: Re: [Wireshark-dev] Dissector for H1 protocol not called

From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>

Date: Fri, 21 Jul 2006 15:45:32 +0800


Hi list,

Thomas Boehne wrote:

On Thursday 20 July 2006 12:06, Jeff Morriss wrote:

If I set the TCP preference "Try heuristic dissectors first?" then the
"nok" file shows up as H1 for me.


This works for me too, thanks!

The "nok" file has a TCP segment between ports 1030 and 2000.  Looking in:

http://www.iana.org/assignments/port-numbers

we can see that port 2000 is registered to "Cisco SCCP" which Wireshark
has a dissector for (it's called "Skinny" in Wireshark).  Sure enough,
"packet-skinny.c" is not a new style dissector (it returns void), so
it's what's eating your packet.

The attached patch makes the Skinny dissector "new style". Pleaseconsider it for inclusion.

Attachment: skinny.patch.gz
Description: GNU Zip compressed data

Follow-Ups:
- Re: [Wireshark-dev] Dissector for H1 protocol not called
  - From: ronnie sahlberg

References:
- [Wireshark-dev] Dissector for H1 protocol not called
  - From: Thomas Boehne
- Re: [Wireshark-dev] Dissector for H1 protocol not called
  - From: Jeff Morriss
- Re: [Wireshark-dev] Dissector for H1 protocol not called
  - From: Thomas Boehne

Prev by Date: [Wireshark-dev] help on writing a new dissector
Next by Date: Re: [Wireshark-dev] wireshark_0.99.2-1_i386.changes REJECTED
Previous by thread: Re: [Wireshark-dev] Dissector for H1 protocol not called
Next by thread: Re: [Wireshark-dev] Dissector for H1 protocol not called
Index(es):
- Date
- Thread