Hi Lars,
Perhaps the table you are looking for is "ip.proto". Check packet-sctp
for example.
Good luck!
Abhik.
On Jan 1, 2008 12:36 PM, Lars Friedrichs <larsfriedrichs@xxxxxx> wrote:
> Hi there,
>
> I have an obscure protocol I am writing a dissector for. It relies on
> the ip.id value set to a certain value (253) so I want to add my
> dissector to that value:
>
> void proto_reg_handoff_lusc(void) {
> /* registriert das Protokoll samt CallBack für den Dissector mit
> Hinweisen auf die automatische Dekodierung */
> static gboolean initialized = FALSE;
> if (!initialized) {
> lusc_handle = create_dissector_handle(dissect_lusc,
> proto_lusc);
> global_lusc_ipid_mark = 253;
> dissector_add("ip.id", global_lusc_ipid_mark, lusc_handle);
> }
> }
>
> I get an error while wireshark is initializing:
> 00:43:08 Err file packet.c: line 697 (dissector_add):
> assertion failed: (sub_dissectors)
> Aborted (core dumped)
>
> If I read and understand the sources correct it seems that ip.id is not
> a known dissector_table but how can I change that? Using "tcp.port"
> gives the expected result so I am sure it has to do with "ip.id" being
> used with dissector_add.
> Can anyone solve my problem?
>
> Thanks,
> Lars
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
