Wireshark-dev: Re: [Wireshark-dev] Help with pointer to unions

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 18 Apr 2011 20:31:06 -0700
On Apr 18, 2011, at 7:27 PM, Alex Lindberg wrote:

> The protocol.  It is a custom protocol used for some of my company's control equipment.
> 
> The structure of the protocol packet varies with the release version of the system.  While there are many similarities between versions, the structures are different enough to have different sizes and makeup etc.
> 
> I could create separate dissectors for each version, but that seems like a lot of duplicate effort.  By using an overloaded pointer, the coding would be much easier.  I cannot create different compiled versions of the protocol, one for each version.
> 
> Or is it possible to delay the typing of a variable to runtime?  In that case the type could be controlled by changing the "version" variable via the preferences during dissector initialization.

Many Wireshark dissectors don't use structures to dissect the packet - they just pull each field out with a proto_tree_add_item() call and/or fetch the value with tvb_get_ calls and put them into the tree with other proto_tree_add_ calls.  A dissector written in that fashion could use common code for the common parts and use an if statement or a switch, and different code, for the parts that differ.

If I were writing the dissector, that's how I'd do it.
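
An added example, not part of the original message and not Wireshark code: a stand-alone C sketch of the field-by-field approach described in the reply, with shared code for the common header and a switch for the fields that differ. The packet layout, the names dissect and fields_t, and the get_be helper (a bounds-checked stand-in for the tvb_get_ calls) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout, not the poster's protocol: version(1) type(1) length(2, BE),
 * followed by v1: device_id(2), or v2: device_id(4) flags(1). */
typedef struct { uint32_t version, type, length, device_id, flags; } fields_t;

/* Stand-in for a tvb_get_ call: bounds-checked big-endian read of n (1..4) bytes.
 * Returns 0 on success, -1 if the buffer is too short. */
static int get_be(const uint8_t *p, size_t len, size_t off, size_t n, uint32_t *out) {
    if (n > 4 || off > len || len - off < n) return -1;
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | p[off + i];
    *out = v;
    return 0;
}

/* Returns bytes consumed, or -1 on truncated input or unknown version. */
int dissect(const uint8_t *p, size_t len, fields_t *f) {
    size_t off = 4;
    f->flags = 0;
    /* Common part: one code path for every version. */
    if (get_be(p, len, 0, 1, &f->version) || get_be(p, len, 1, 1, &f->type) ||
        get_be(p, len, 2, 2, &f->length)) return -1;
    /* Only the fields that differ are switched on the version. */
    switch (f->version) {
    case 1:
        if (get_be(p, len, off, 2, &f->device_id)) return -1;
        return (int)(off + 2);
    case 2:
        if (get_be(p, len, off, 4, &f->device_id) ||
            get_be(p, len, off + 4, 1, &f->flags)) return -1;
        return (int)(off + 5);
    default:
        return -1; /* unknown version: stop rather than guess a layout */
    }
}

/* Constructed sample packets. */
static const uint8_t SAMPLE_V1[] = {1, 7, 0, 2, 0x12, 0x34};
static const uint8_t SAMPLE_V2[] = {2, 7, 0, 5, 0xde, 0xad, 0xbe, 0xef, 0x01};
static fields_t parsed;

int main(void) {
    int n = dissect(SAMPLE_V2, sizeof SAMPLE_V2, &parsed);
    printf("v2: %d bytes, device_id=0x%08x\n", n, (unsigned)parsed.device_id);
    return 0;
}
```

Because every read is checked against the buffer length and nothing is cast onto packet memory, a truncated packet or an unrecognized version returns -1 instead of being read through a struct of the wrong size.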