Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Using multiple layers of dissectors

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Anders Broman" <anders.broman@xxxxxxxxxxxx>
Date: Thu, 23 Jul 2009 11:25:33 +0200
Hi,
The ASN1 plugin is sort of deprecated (plugins/asn1/) and I think it is supposed to work by loading ASN1 descriptions via som external tool
if I remember correctly. The dissectors generated by asn2wrs relies on packet-per.c or packet-ber.c to do the dissection depending
on the encoding(PER/BER).
 
Why would you need two .dll:s?
Is the protocol private/proprietarry? If not make it a built in dissector and send us the code(which protocol is it?).
 
As ASN1 is used to describe a protocol is the stack more like:
 
Satelite Message
ASN.1 described protocol
TCP
IP
:
If so you'll need two dissectors I suppose one for the ASN1 protocol and one for the satelite message they could be in the same
plugin dll ( see other plugins with multiple files). 
Regards
Anders

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Aurélien Decagny
Sent: den 23 juli 2009 10:48
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Using multiple layers of dissectors

Hi,
thank you for your answer.

In fact, my question was more: is it possible to create 2 different plugins (2 different .dll files on windows), to dissect something like this:
http://imagik.fr/view-rl/93396
(A figure is better than a long explanation, and I know that this figure is not really accurate for the transmission layer.)

But thank you for your link! I was trying to build the ASN.1 plugin by myself when I saw that he was already integrated in Wireshark, so your link will help me a lot!

Regards

Aurelien




Date: Thu, 23 Jul 2009 10:24:22 +0200
From: anders.broman@xxxxxxxxxxxx
To: wireshark-dev@xxxxxxxxxxxxx
Subject: Re: [Wireshark-dev] Using multiple layers of dissectors

Hi,
You should use asn2wrs to generate the asn1 part of your protocol see
http://wiki.wireshark.org/Asn2wrs and a bunch of asn2wrs generated dissectors in the source dir /asn1/
 
Regards
Anders

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Aurélien Decagny
Sent: den 23 juli 2009 10:11
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Using multiple layers of dissectors

Hi!

I have been searching this on Internet, but I don't find any solution, this is why I write to you.
I have built a first dissector for Wireshark. Now, I know that for some kind of messages from this protocol, the data it contains are encoded with an other protocol (ASN.1, to be accurate).
So I would like to know what I have to put in my dissector code and where, to make the data dissected by the ASN.1 dissector.

Thanks

Aurelien

Votre correspondant a choisi Hotmail et profite d'un stockage quasiment illimité. Créez un compte Hotmail gratuitement !
Découvrez toutes les possibilités de communication avec vos proches
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube