Wireshark-dev: [Wireshark-dev] Heuristic dissector priority

From: Roland Knall <rknall@xxxxxxxxx>
Date: Thu, 7 Nov 2013 14:43:42 +0100

Hi

I am currently implementing a generic dissector, which takes a
predefined script and dissects payload. Pretty much in a way wsgd
(wsgd.fr) does, but some features were lacking for me, and the
integration into Wireshark did not work for me either. One of the
features of my solution is the possibility to call a subdissector as
part of the payload (therefore easing the implementation for some
protocols like openSAFETY for instance).

Currently I am thinking of adding the generic dissector to the
heuristic filter lists. But I want to enable this for all possible
protocols, and for this it needs to be the first heuristic dissector
called.

Basically the workflow would look like this:

* Heuristic call to generic dissector
* Dissector decides if it is allowed to dissect for this packet
  (method is different from wsgd)
* If not, other heuristic dissectors may get a chance

Now I have two possibilities:

1. Either rework the register_heuristic_dissector routine to
automatically add the generic dissector always at the first position
2. Rework dissector_try_heuristic and introduce a second list of
heuristic dissectors (global, general, ... something like that), that
will always get precedence over list-specific heuristic dissectors.

Basically I would favor the second approach, but before I send in a
patch, I would like to get the opinion of everyone else.

regards
Roland
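
A minimal self-contained model of the second option described in the message, added here as an illustration; it is not code from the message or from Wireshark. All names (`heur_entry`, `try_heuristic`, `generic_heur`, `proto_a_heur`, `proto_b_heur`) are hypothetical, and packets are plain byte buffers rather than tvbuffs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model: a heuristic dissector returns true if it claimed the packet. */
typedef bool (*heur_fn)(const unsigned char *buf, size_t len);
typedef struct { const char *name; heur_fn fn; } heur_entry;

/* Constructed stand-in for the generic dissector: it claims only payloads its
 * (here hard-coded) script allows, i.e. those starting with the bytes "GD". */
static bool generic_heur(const unsigned char *b, size_t n) {
    return n >= 2 && memcmp(b, "GD", 2) == 0;
}
/* Constructed list-specific heuristics with deliberately loose checks. */
static bool proto_a_heur(const unsigned char *b, size_t n) { return n >= 1 && b[0] == 'G'; }
static bool proto_b_heur(const unsigned char *b, size_t n) { (void)b; return n >= 4; }

static const heur_entry global_list[] = { { "generic", generic_heur } };
static const heur_entry udp_list[] = { { "proto_a", proto_a_heur }, { "proto_b", proto_b_heur } };

/* Try each entry in registration order; the first one to accept wins. */
static const char *walk(const heur_entry *l, size_t count, const unsigned char *b, size_t n) {
    for (size_t i = 0; i < count; i++)
        if (l[i].fn(b, n)) return l[i].name;
    return NULL;
}

/* Option 2: the global list always gets precedence; only if no global entry
 * claims the packet do the list-specific entries get a chance. */
const char *try_heuristic(const heur_entry *list, size_t count,
                          const unsigned char *b, size_t n) {
    const char *hit = walk(global_list, sizeof global_list / sizeof *global_list, b, n);
    return hit ? hit : walk(list, count, b, n);
}

/* Convenience wrapper for the constructed list-specific table above. */
const char *try_udp(const char *payload) {
    return try_heuristic(udp_list, sizeof udp_list / sizeof *udp_list,
                         (const unsigned char *)payload, strlen(payload));
}

int main(void) {
    const char *samples[] = { "GDxx", "Gxyz", "abcd", "ab" }; /* constructed payloads */
    for (size_t i = 0; i < 4; i++) {
        const char *who = try_udp(samples[i]);
        printf("%-4s -> %s\n", samples[i], who ? who : "(undissected)");
    }
    return 0;
}
```

In this model a false positive in the global entry shadows every list-specific dissector, so its acceptance check is the one that has to be strictest.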