Robert Hogan wrote:
I'm most of the way (I hope) through a tn3270 dissector. However I'm not
sure of the most acceptable way of doing a couple of things:
- Should I just make TN3270 a sub-dissector of telnet? So users
select 'decode as telnet' and get the tn3270 dissected implicitly? Or
should it have a separate 'decode as' entry? If the latter, I'm not sure
how I can call telnet as a 'super-dissector' or alternatively, avoid
duplicating code.
Well, TN3270 is really 3270-over-telnet so I'd think the former was better.
- The best way of recognizing a tn3270 session is through the 'terminal
type' telnet option at session negotiation. Browsing through other
dissector code I can't find a canonical way of storing information about a
given stream, other than possibly misusing the conversation api. I'm sure
I'm missing a trick. What is the standard way of recognizing that a packet
is from a stream previously identified as requiring a specific
sub-dissector?
I think the only (and best) way to do that is to store the info in a
conversation structure. I've always thought the purpose of
conversations was to store info for later (subsequent packet) use.
(Then again: I've never used them.)
