Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Can't see my protocol in "Decode As ..." menu

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Anders Broman" <a.broman@xxxxxxxxx>
Date: Wed, 23 Jan 2008 08:01:58 +0100

-----Ursprungligt meddelande-----
Från: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] För Glenn Shirley
Skickat: den 23 januari 2008 04:01
Till: 'Developer support list for Wireshark'
Ämne: Re: [Wireshark-dev] Can't see my protocol in "Decode As ..." menu

Hi Guy,

> On Jan 22, 2008, at 6:36 PM, Glenn Shirley wrote:
> 
> > Hi Anders (et. al.),
> >
> > My protocol is based on an RTP payload type (e.g. 100) so my 
> > dissector_add is as follows:
> 
> 	...
> 
> > As mentioned before this was all working on a windows build 
> but that 
> > was a long time ago so I may have forgotten something.
> 
> Your protocol can't show up correctly in "Decode As..." 
> because "Decode As..." has no provision for RTP; it only 
> handles Ethertypes, IP protocol types, and TCP and UDP port 
> numbers.  It never did have any provision for RTP, so I doubt 
> you were *ever* able to see your protocol in the right place 
> in "Decode As..."; if you'd registered it in the "tcp.port" 
> or "udp.port" table, it'd show up for "Transport", but that 
> would mean that the packet would be *directly* handed to your 
> protocol's dissector, rather than being handed to the RTP 
> dissector with the RTP dissector handing the payload to your 
> dissector.

Yep, very true.

> Given RTP dynamic protocol types, perhaps "Decode As..." 
> should be enhanced to support RTP, and give a list of all 
> protocols for which dissectors have been registered with the 
> "rtp.pt" table?

>That would be nice.  The "Decode As" functionality is very limited as is
>(but still very handy).  Being able to decode on a range of other fields
>would be extremely handy.

>See also my last email to the list about things working when I disable all
>but the essential protocols so looks like this is some sort of clash issue
>with the payload type.

>Cheers,
>Glenn.

If your RTP stream is signalled with SDP you might also want to register in
the table dissector_add_string("rtp_dyn_payload_type","string in SDP",
proto_handle);
Regards
Anders
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube