you have to terminate all value_strings with a {0,NULL} else
val_to_str() and friends will read beyond the end of the array.
do not encapsulate the dissection of all the fields inside an if(tree)
since this may prevent display filters from working.
i can do these changes later tonight
On 8/17/06, Stephen Fisher <stephentfisher@xxxxxxxxx> wrote:
Attached is a patch file that adds a new dissector for the LLT protocol
(Veritas Low Level Transport, used for server clustering). They use
ethertype 0xCAFE even though it isn't assigned to them :(. There are
other fields and possibly other message types directly between servers
it does not yet dissect as no one outside of Veritas knows what they
are. This dissector understands the one people will run across most -
multiple servers broadcasting these heartbeats all over the place. I
figured out these fields through many Internet searches.
I will add the protocol to the Wiki after it is committed.
Thanks,
Steve
