Wireshark · Wireshark-dev: [Wireshark-dev] question about tcap sub-dissector

Wireshark-dev: [Wireshark-dev] question about tcap sub-dissector

From: Risto Paasila <risto@xxxxxxxxxxxxxxxx>

Date: Mon, 18 Apr 2011 11:21:01 +1000

Hi,

My question is at the end, and hopefully all relevant detail is in between...

I need to make a dissector which calls the tcap dissector which should
them call a sub-dissector.

The protocol stack would be something like:

Frame 26: 108 bytes on wire (864 bits), 108 bytes captured (864 bits)
Ethernet II, Src: Oracle_b3:04:f5 (00:03:ba:b3:04:f5), Dst:
All-HSRP-routers_0a (00:00:0c:07:ac:0a)
Internet Protocol, Src: 10.97.0.228 (10.97.0.228), Dst: 10.115.232.36
(10.115.232.36)
Transmission Control Protocol, Src Port: ccu-comm-1 (4053), Dst Port:
64551 (64551), Seq: 1, Ack: 1, Len: 54
My-simple-protocol
Transaction Capabilities Application Part
My-sub-dissector-protocol

My requirement is to be able to provide the My-simple-protocol and
My-sub-dissector-protocol, as a plugin (or two plugins).
I have managed already to create My-simple-protocol, which
successfully calls the tcap dissector.

For calling My-sub-dissector-protocol from tcap, I found two possibly
useful methods:

    extern void add_itu_tcap_subdissector(guint32 ssn,
dissector_handle_t dissector)
    dissector_handle_t get_itu_tcap_subdissector(guint32 ssn)

I tried them in the code of My-simple-protocol plugin, but the
compiler doesn't like them:

packet-my-simple-protocol.c
plugin.c
packet-my-simple-protocol.c(113) : error C2220: warning treated as
error - no 'object' file generated
packet-my-simple-protocol.c(113) : warning C4013:
'get_itu_tcap_subdissector' undefined; assuming extern returning int
packet-my-simple-protocol.c(113) : warning C4047: '=' :
'dissector_handle_t' differs in levels of indirection from 'int'
packet-my-simple-protocol.c(114) : warning C4013:
'add_itu_tcap_subdissector' undefined; assuming extern returning int

I found something in the mailing lists that was similar:
http://www.wireshark.org/lists/wireshark-dev/200706/msg00042.html
but it is rather old, I suppose creating a sub-dissector should work
now without copying the whole tcap dissector into the plugin.

In the tcap data captured, there is no ssn specified either.

How can I make use of these methods to handoff to tcap, and then that
tcap does a handoff back to My-sub-dissector-protocol?

Kind Regards
Risto

Follow-Ups:
- Re: [Wireshark-dev] question about tcap sub-dissector
  - From: Anders Broman

Prev by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on Visual-Studio-Code-Analysis
Next by Date: Re: [Wireshark-dev] question about tcap sub-dissector
Previous by thread: Re: [Wireshark-dev] Build failure: k12.c:275:11: error: variable 'actual_len' set but not used [-Werror=unused-but-set-variable]
Next by thread: Re: [Wireshark-dev] question about tcap sub-dissector
Index(es):
- Date
- Thread