Wireshark-dev: Re: [Wireshark-dev] invoking tcp sub-dissectors from a custom dissector
From: Stephen Fisher <[email protected]>
Date: Sat, 16 Jun 2007 18:16:04 -0700
On Sat, Jun 16, 2007 at 05:34:08PM -0700, Ravi Kondamuru wrote:

> I am implementing a tcp based custom protocol dissector. Each tcp 
> conversation starts with a http request-response followed by a series 
> of custom protocol data exchanges. I have been able to implement 
> dissecting the custom protocol, however for the initial request/ 
> response, I am not able to figure out how to call the tcp 
> sub-dissectors to take care of dissecting it. I have some rudimentary 
> mechanism to identify if it is a http packet or a custom data packet. 

Try looking at the http_payload_subdissector function in 
epan/dissectors/packet-http.c to see how it calls the tcp sub-dissectors 
based on the destination port number of a "CONNECT <hostname>:<port>" 
request seen in the HTTP part of the conversation.  Specifically look at 
this call:

dissect_tcp_payload(next_tvb, pinfo, 0, tcpinfo->seq, /* 0 = offset */
		    tcpinfo->nxtseq, dissect_as, 
		    pinfo->destport, tree, tree, tcpd);

Let us know if you need further assistance.


Steve