Hello,
I am currently trying to extend the UMTS FP protocol to also handle FP
frames sent via UDP. To avoid modifications in the UDP dissector, my
plan was to use a heuristic to detect the first UDP packet of each
stream that contains FP and assign a conversation dissector to the whole
conversation.
The problem is that these frames can in turn contain UDP (e.g. DNS
queries). The solution outlined above would dissect these as FP again,
if I understand correctly (as a separate conversation).
As far as I see, I would need a way to let the heuristic determine that
the current frame was already parsed as FP (respectively, is already
part of a different UDP conversation) and should not be treated as FP.
Currently, I see no way to do this and would be very happy about any
suggestions!
Regards,
Tobias
