On Dec 20, 2013, at 6:44 AM, "Emburey Samrex Edward -X (emedward - EMBED UR SYSTEMS at Cisco)" <emedward@xxxxxxxxx> wrote:
> I think, I should have mentioned this earlier.
Yes.
> There does exist two different headers: a 20-byte (legacy) and a 55-byte (with additional, 802.11n support)
The legacy header does *not* appear to have a magic number, based on the capture file Joerg made available.
Do you have complete details on what it contains, so that we can finish the dissector for it?
> To accommodate the 802.11n header, we would need a different dissection at dissect_peekremote(), apart from the way legacy header had been dealt.
> May be, we can have the ‘magic number’ as reference from the obtained hex-dump, to choose between the two dissection methods.
We should probably:
1) make a heuristic dissector for the new header, and have it check for the magic number, so that, for the new header, you *don't* have to use "Decode As...";
2) have the port-number-based dissector call the heuristic dissector first and:
if the heuristic dissector accepts the packet, just return;
otherwise, dissect the legacy header.
