On 12/23/06, Shaun Jackman <sjackman@xxxxxxxxx> wrote:
Is it possible to register a heuristic dissector for a particular
"wtap_encap" type?
I came up with a solution. I registered one normal dissector against
the specific "wtap_encap" type and all the other dissectors become
heuristic dissectors against that first protocol.
Cheers,
Shaun
/* somewhat abbreviated... */
static heur_dissector_list_t heur_subdissector_list;
void
dissect_mpeg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
{
dissector_try_heuristic(heur_subdissector_list, tvb, pinfo, tree);
}
void
proto_register_mpeg(void)
{
proto_mpeg = proto_register_protocol(
"Moving Picture Experts Group", "MPEG", "mpeg");
register_heur_dissector_list("mpeg", &heur_subdissector_list);
}
void
proto_reg_handoff_mpeg(void)
{
dissector_handle_t mpeg_handle = create_dissector_handle(
dissect_mpeg, proto_mpeg);
dissector_add("wtap_encap", WTAP_ENCAP_MPEG, mpeg_handle);
heur_dissector_add("mpeg", dissect_mpeg_pes, proto_mpeg_pes);
heur_dissector_add("mpeg", dissect_mpeg_audio, proto_mpeg_audio);
}
