Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Adding mp2t sub dissector plugin

From: Frederic Turmel <fred.turmel@xxxxxxxxx>
Date: Tue, 14 Jul 2009 13:14:52 -0700
Thanks

On Tue, Jul 14, 2009 at 11:20 AM, Guy Harris <guy@xxxxxxxxxxxx> wrote:

On Jul 14, 2009, at 10:56 AM, Frederic Turmel wrote:

> Hi, I'm trying to build a plugin to dissect the payload of an mpeg
> transport packet. I'm using the following to add my plugin:
>
> dissector_add("mp2t.pid", 0x00001f76, pluginHandle);
>
> However when I build the code, wireshark crash at startup.

That won't work.  Wireshark does not (and probably will not ever)
arrange that every single field in a protocol can be used in that
fashion.

The first argument to dissector_add() is the name of a "dissector
table", used by the dissector that created the table to hand off
packet data to another dissector.  By *convention*, if a particular
field's value is used to choose the dissector to which to hand off the
packet data, the dissector table's name is the same as the name of the
field; however, that does not mean that any field in a dissector can
be used for this.

> Is there another way to add a dissector based on the PID number?

No.  You would have to modify the MPEG-2 transport stream dissector to
support handing off the payload to another dissector; it currently has
no code to do so.  You'd have to modify dissect_tsp() to use the PID
number to determine the dissector to handle the payload.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe