Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] port tracking ?

Date: Tue, 10 Oct 2006 10:18:30 +0000 (UTC)
Hi all!

I'm about to write an dissector plugin for an (actually)
simple UDP based protocol. It has a control and a data channel.

The control channel has a well-known port. Thus, it is no
problem to recognize the control protocol.

Unfortunately, the data channel has no fixed port.
The server announces the data channel port via a special
control channel packet to the client.

Actually, the control channel plugin could recognize this
announcement and tell the date channel plugin do decode packets sent to this port as data channel packets.

I think the correct term for this is "port tracking" (or so...)

Unfortunately, I didn't find any description how to do this.
Could please anybody help me. Is there a descrition somewhere?
Is it feasible for a plugin, at all?

--
J.Anders, GERMANY, TU Chemnitz, Fakultaet fuer Informatik