Hi
This patch adds features allowing the user to:
a) Add arbitrary dissectors to the available lists in the “Decode
As” dialog; basically puts a UI on adding a dissector to the available
list in a dissector table.
b) Adds functionality analogous to dissector tables, but
instead of directing by field values, there is a list of display-filter /
sub-dissector pairs. A sub-dissector is called if the display filter is matched
by the packet.
c) Implements this new functionality for several “parent”
dissectors – IP, TCP, UDP, HTTP.
d) Implements this functionality for the data dissector,
giving a “last chance” to direct any unrecognised data.
e) Puts a UI on this, as well as a minimal Lua interface.
In short, this patch aims at giving the user a lot of power
to work with in odd cases; I guess it should be considered “expert”,
as some arbitrary combinations of dissectors may be fatal (e.g. forcing non-IP
data through TCP).
This is a biggish patch, so I have divided it into three:
Epan
-------
Adds the core display-filter / sub-dissector functionality
and exposes some of it through Lua.
UI
---
Extends the existing “Decode As” dialog, and
adds new dialogs for adding arbitrary dissectors to the “Decode As”
dialog, and setting up filter-based dissection. This patch depends on the “epan”
patch.
Doc
----
Updates to the user guide for this functionality.
Cheers
Doug
__________________________________________
Douglas Pratley
t +44 845 050 7640 | f
+44 845 644 5436
a Detica | PO
Box 383 | Horley | Surrey | RH6 7WX | UK
______________________________________________
www.detica.com
