Wireshark-dev: Re: [Wireshark-dev] How to get calling dissector
From: Roland Knall <[email protected]>
Date: Mon, 29 Jan 2018 18:03:37 +0100
Short answer: packet_info->layers should get you the list of protocols called before yours. If you iterate, you should see the other protocols before yours. In packet.c:754 you see the code adding to the list. 

Not sure though, how stable that interface is. It is pretty in-depth for span, so you should be save to use it, but not sure, if it is official, or if there is another way.


On Sun, Jan 28, 2018 at 10:59 PM, Uli Heilmeier <[email protected]> wrote:
Hi all,

How does a dissector know which dissector called it?

Long version:
I’m currently implementing a dissector for „Session Multiplex Protocol“ (SMP) [1] requested in bug 14110 [2].
The Tabular Data Stream (TDS; MS SQL Server) protocol depends on SMP when using the MARS feature [3].

SMP runs on top of TCP and is a session layer protocol. SMP however has no identifier to specify the next protocol.
When TDS uses SMP the SMP payload itself is TDS. Resulting in dissector stack: Ethernet/IP/TCP/TDS/SMP/TDS.

I want to call the TDS dissector for the SMP payload data only when it was called by TDS. Otherwise just display the data as hex.
How can I get the information which dissector called my dissector?

Any ideas are welcome. Thanks!

[1]: https://msdn.microsoft.com/en-us/library/cc219643.aspx
[2]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14110
[3]: https://docs.microsoft.com/en-us/sql/relational-databases/native-client/features/using-multiple-active-result-sets-mars

Cheers Uli
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]wireshark.org?subject=unsubscribe