Hi everyone,
I’m looking at doing what ‘decode as’ does, but directly in code :
User provides a buffer and a protocol to use, and the code would perform the parsing and end up with an epan_dissect_t that contains the parsed information.
I understand there might be limitations as to which dissectors allow doing ‘decode as’, but assuming I restrict myself to the ‘supported’ protocols for this, how do I even do the setup to perform that parsing ?
I already have all the code (see below) to take a raw data buffer and parse it, I just can’t figure out how to tell the code “start dissecting using protocol X” and the code in decode_as_dialog.cpp wasn’t clear to me.
Any pointers ?
Here’s how I’m parsing raw buffers (assuming they start at Ethernet) :
struct wtap_pkthdr stHeader;
memset(&stHeader, 0, sizeof (stHeader));
stHeader.rec_type = REC_TYPE_PACKET;
stHeader.caplen = poFrameData->GetLength();
stHeader.len = poFrameData->GetLength();
stHeader.pkt_encap = WTAP_ENCAP_ETHERNET;
stHeader.presence_flags = WTAP_HAS_TS | WTAP_HAS_CAP_LEN;
frame_data_init(&stFrameData, m_qwFrameCount, &stHeader, 0, 0);
epan_dissect_run(pstEpanDissect, WTAP_FILE_TYPE_SUBTYPE_UNKNOWN, &stHeader, tvb_new_real_data(poFrameData->GetPayload(), poFrameData->GetLength(), poFrameData->GetLength()), &stFrameData, NULL);
Thanks,
Hassan
