Hello all,
I have some capture files with packets encapsulated under ethernet. But
these packets have a short header before the mac addresses and I am
trying to write a dissector that would run before the ethernet one,
parse the header and then call the ethernet dissector to continue parsing
the rest of the packet.
I was not able to find any example of this being done and I guess it would
involve changing the entry in the wtap_encap table to replace the eth
dissector.
Any ideas on how this could be done?
All the best,
Mihai
