
Wireshark-dev: Re: [Wireshark-dev] Decode As Option

From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Thu, 18 Nov 2010 12:37:09 -0500
Will Barker wrote:
I'm trying to determine why the "Decode As" context menu option

1) is sometimes grayed out

My guess is that you don't have a field (or protocol layer) selected which has something (e.g., a TCP port field) that can be used as a filter/selector for Decode-As.

2) does not present all the available protocols in its list

Not all protocols are registered by name (i.e., not all dissectors call register_dissector()).

Is there an override possible somehow?

Not by a user; for the 2nd issue someone would have to add the relevant call to the dissector (and recompile, etc.).

If the user is certain that protocol FOO starts at offset X then it would be good to have a way of forcing that protocol decode at that point (regardless of the selected position in the packet etc.). Of course, as with the existing "Decode As" support, if the user got it wrong then the decode won't work but this fallback approach (without the need for code change) does cater for those occasions where the required dissection is not implemented or is wrong etc. What would we need to change/be extended to enable this?

You might want to check out:

http://wiki.wireshark.org/HowToDissectAnything