Hello
I am currently writing a dissector plugin for a machine-safety
protocol. The dissector is finished and currently I am in the, let's
call it, beautifying stage.
Problem is, the dissector can work across quite a few other dissectors.
e.g.: normally data would arrive using a realtime ethernet procotoll,
like Ethernet Powerlink, SercosIII or ProfiNet
Additionally any of those protocolls may send packages using an UDP
packet, in their so called asynchronous phase.
Therefore my dissector registers for two different things, one being
the udp port and the second being the specific ethernet frame type for
the realtime protocol.
This leads to data rows colored in weird ways, as the UDP packages get
colored with a blue background, and some packages from the realtime
net get colored with a gray text (for using a broadcast address), and
so on.
Normally, I would just add a coloring rule to the colorlist, but as my
dissector has been implemented as a plugin, it would not always be
present.
Is it still acceptable to add the rule to colorlist (above the tcp
rule), or should I search for another solution?
regards, Roland
