Wireshark-dev: Re: [Wireshark-dev] XXXX: avoid appending xxxx multiple times to frame.protocols

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 5 Oct 2017 23:55:29 -0700
On Oct 5, 2017, at 11:23 PM, Roland Knall <rknall@xxxxxxxxx> wrote:

> Personally I think moving to a set would reduce functionality for some applications. Industrial Ethernet applications for instance heavily rely on multiple protocols being transported in single frames multiple times (one UDP packet contains a lot of openSAFETY frames, which themselves could contain data dissectors).

So there are cases where, for example, for code that examines the protocol list, that code would need to see, for example, eth:ip:tcp:x11:x11:x11 for a TCP segment containing three X11 requests or replies, rather than just seeing eth:ip:tcp:x11?

(BTW, the protocol list is a linearization of a structure that's not linear - x11:x11:x11 doesn't mean X11 inside X11 inside X11, it means 3 X11's inside TCP.  Hopefully no software naively assumes that the protocol list is a tower of protocols, rather than just a representation of what you see if you move forward through the packet and any reassembled chunks.)
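
The following is an added example, not part of the e-mail above and not Wireshark code. It uses a simplified model (an assumption of this example) in which each dissected protocol is a `(name, children)` node and the protocol list is built by appending each name as its dissector is entered; all function names and sample trees are constructed for illustration. It shows that a sibling layout and a nested layout produce the same string, and what a set-based list would drop.

```python
from collections import Counter

def linearize(node):
    """Return protocol names in the order their dissectors are entered."""
    name, children = node
    names = [name]
    for child in children:
        names.extend(linearize(child))
    return names

def protocol_list(node):
    """Colon-joined list, in the style of eth:ip:tcp:x11."""
    return ":".join(linearize(node))

def true_depth(node):
    """Actual encapsulation depth of the dissection tree."""
    _, children = node
    return 1 + max((true_depth(c) for c in children), default=0)

def naive_depth(proto_string):
    """What a consumer gets if it treats the list as a tower of layers."""
    return len(proto_string.split(":"))

def occurrences(proto_string):
    """Per-protocol counts, which a list keeps and a set would lose."""
    return Counter(proto_string.split(":"))

# Constructed sample: one TCP segment carrying three X11 messages side by side.
SIBLINGS = ("eth", [("ip", [("tcp", [("x11", []), ("x11", []), ("x11", [])])])])

# Constructed sample: a hypothetical X11-in-X11-in-X11 tower, for comparison only.
TOWER = ("eth", [("ip", [("tcp", [("x11", [("x11", [("x11", [])])])])])])

if __name__ == "__main__":
    for label, tree in (("siblings", SIBLINGS), ("tower", TOWER)):
        s = protocol_list(tree)
        print(f"{label:8} list={s} true_depth={true_depth(tree)} "
              f"naive_depth={naive_depth(s)} x11_count={occurrences(s)['x11']}")
    print("as a set:", sorted(set(protocol_list(SIBLINGS).split(":"))))
```

Code that needs the real nesting has to read the dissection tree itself; the string alone cannot distinguish the two layouts.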