Wireshark · Wireshark-dev: Re: [Wireshark-dev] How to call a dissector from the llc dissector?

Wireshark-dev: Re: [Wireshark-dev] How to call a dissector from the llc dissector?

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Wed, 20 May 2009 14:25:58 -0700


On May 20, 2009, at 2:15 PM, Guy Harris wrote:


On May 20, 2009, at 5:19 AM, Florian FAVIER wrote:

We are now writing a new dissector for the Asterix protocol,


I assume you mean "ASTERIX protocol":

	http://www.eurocontrol.int/asterix/public/subsite_homepage/homepage.html

and we would like to call it when the LLC dissector is running.

The condition is when the third byte of LLC is equal to 0x03, we
have to call our dissector.


In other words, the Asterix protocol prevents most SNAP-based or
otherwise 802.2-based protocols from working on any machine using it?
"When the third byte of LLC is equal to 0x03" is equivalent to "when
the packet is an LLC UI frame", and most packets on 802.2-based
networks are LLC UI frames.

If you *do* mean the ASTERIX protocol, then, at least according toFigure 1 in


	http://www.comsoft.de/download/atc/background/rmcde_atca97.pdf

ASTERIX runs atop a transport or session-layer protocol, so itsdissector should *NOT* be called by the LLC dissector.

References:
- [Wireshark-dev] How to call a dissector from the llc dissector?
  - From: Florian FAVIER
- Re: [Wireshark-dev] How to call a dissector from the llc dissector?
  - From: Guy Harris

Prev by Date: Re: [Wireshark-dev] decoding of the tbcd octet strings in map payloads
Next by Date: [Wireshark-dev] buildbot failure in Wireshark (release) on OSX-10.5-ppc
Previous by thread: Re: [Wireshark-dev] How to call a dissector from the llc dissector?
Next by thread: [Wireshark-dev] adding ipv4 resolution name in a plugin
Index(es):
- Date
- Thread