You need to match the name of a dissector table that has been created by your parent protocol. TCP creates one named "tcp.port" and UDP creates a similar one "udp.port", for example. This type of dissector table assumes you will provide a value (such as port#) to be matched when selecting your dissector.
If you have no specific value to be matched, you might read up on how to create and register heuristic dissectors - but you will need the name of a heuristic dissector list already created by your parent protocol, in order to add your dissector to it.
On Thu, Aug 27, 2009 at 1:47 PM, Patrick Lannigan
<p.lannigan@xxxxxxxxx> wrote:
The dissector I'm writing is a custom link layer protocol. My issue is that I'm not sure what I should use in the dissector_add() function. Most of the dissectors seem to be referencing other protocols like "tcp.port", but that does not apply in my case. The other thing I've seen is "wtap_encap" with the value being some defined constant. Can someone help me along in the right direction? If "wtap_encap" is the correct method, does that mean there is other files I should be editing in addition to my packet-abc file?
Patrick
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
