I'm working on the 802.15.4 packet decoder. 802.15.4 packets have a
two byte hardware checksum at the end of them. Some sniffer hardware
includes this checksum in the packets returned and some hardware
doesn't.
We've been switching between them by changing the source code:
- ieee802154_handle = find_dissector("wpan");
+ ieee802154_handle = find_dissector("wpan_nofcs");
How can i fix this so that I can switch using the UI?
I tried registering wpan_nofcs in the UI. The idea was to disable
"wpan" and let "wpan_nofcs" take over.
Instead of wpan_nofcs taking over I get "Protocol Unknown WTAP_ENCAP = 104".
ENCAP 104 is "wpan" which has been disabled.
Index: epan/dissectors/packet-ieee802154.c
===================================================================
--- epan/dissectors/packet-ieee802154.c (revision 33628)
+++ epan/dissectors/packet-ieee802154.c (working copy)
@@ -255,6 +255,7 @@
static int hf_ieee802154_nonask_phy_length = -1;
static int proto_ieee802154 = -1;
+static int proto_ieee802154_nofcs = -1;
static int hf_ieee802154_frame_type = -1;
static int hf_ieee802154_security = -1;
static int hf_ieee802154_pending = -1;
@@ -2488,6 +2489,7 @@
/* Register Protocol name and description. */
proto_ieee802154 = proto_register_protocol("IEEE 802.15.4
Low-Rate Wireless PAN", "IEEE 802.15.4", "wpan");
+ proto_ieee802154_nofcs = proto_register_protocol("IEEE 802.15.4
Low-Rate Wireless PAN nofcs", "IEEE 802.15.4 nofcs", "wpan-nofcs");
proto_ieee802154_nonask_phy = proto_register_protocol("IEEE
802.15.4 Low-Rate Wireless PAN non-ASK PHY", "IEEE 802.15.4 non-ASK
PHY", "wpan-nonask-phy");
/* Register header fields and subtrees. */
@@ -2541,7 +2543,7 @@
/* Register dissectors with Wireshark. */
register_dissector("wpan", dissect_ieee802154, proto_ieee802154);
- register_dissector("wpan_nofcs", dissect_ieee802154_nofcs,
proto_ieee802154);
+ register_dissector("wpan-nofcs", dissect_ieee802154_nofcs,
proto_ieee802154);
register_dissector("wpan_cc24xx", dissect_ieee802154_cc24xx,
proto_ieee802154);
register_dissector("wpan-nonask-phy",
dissect_ieee802154_nonask_phy, proto_ieee802154_nonask_phy);
} /* proto_register_ieee802154 */
@@ -2563,6 +2565,7 @@
{
static gboolean prefs_initialized = FALSE;
static dissector_handle_t ieee802154_handle;
+ static dissector_handle_t ieee802154_nofcs_handle;
static dissector_handle_t ieee802154_nonask_phy_handle;
static unsigned int old_ieee802154_ethertype;
GByteArray *bytes;
@@ -2571,10 +2574,12 @@
if (!prefs_initialized){
/* Get the dissector handles. */
ieee802154_handle = find_dissector("wpan");
+ ieee802154_nofcs_handle = find_dissector("wpan-nofcs");
ieee802154_nonask_phy_handle = find_dissector("wpan-nonask-phy");
data_handle = find_dissector("data");
dissector_add("wtap_encap", WTAP_ENCAP_IEEE802_15_4,
ieee802154_handle);
+ dissector_add("wtap_encap", WTAP_ENCAP_IEEE802_15_4_NOFCS,
ieee802154_nofcs_handle);
dissector_add("wtap_encap",
WTAP_ENCAP_IEEE802_15_4_NONASK_PHY, ieee802154_nonask_phy_handle);
prefs_initialized = TRUE;
Index: wiretap/wtap.c
===================================================================
--- wiretap/wtap.c (revision 33628)
+++ wiretap/wtap.c (working copy)
@@ -473,7 +473,10 @@
{ "SocketCAN", "socketcan" },
/* WTAP_ENCAP_IEEE802_11_NETMON_RADIO */
- { "IEEE 802.11 plus Network Monitor radio header", "ieee-802-11-netmon" }
+ { "IEEE 802.11 plus Network Monitor radio header", "ieee-802-11-netmon" },
+
+ /* WTAP_ENCAP_IEEE802_15_4 nofcs */
+ { "IEEE 802.15.4 Wireless PAN nofcs", "wpan-nofcs" },
};
gint wtap_num_encap_types = sizeof(encap_table_base) / sizeof(struct
encap_type_info);
Index: wiretap/wtap.h
===================================================================
--- wiretap/wtap.h (revision 33628)
+++ wiretap/wtap.h (working copy)
@@ -216,6 +216,7 @@
#define WTAP_ENCAP_IPNET 124
#define WTAP_ENCAP_SOCKETCAN 125
#define WTAP_ENCAP_IEEE802_11_NETMON_RADIO 126
+#define WTAP_ENCAP_IEEE802_15_4_NOFCS 127
#define WTAP_NUM_ENCAP_TYPES wtap_get_num_encap_types()
--
Jon Smirl
jonsmirl@xxxxxxxxx
