I have a plugin for a protocol which encapsulates another protocol (i.e. ASN.1 based LTE-RRC). Unfortunately I don't have the source code for this plugin. Do I still have the chance to develop a plugin to decode the encapsulated protocol? And I also noticed LTE-RRC is already supported by wireshark, how to request wireshark to decode a filed of a protocol as LTE-RRC?
asked 02 Jul '12, 22:40
Without having the source code of this plugin(*) it's hard to tell what hooks it provides to connect your dissector to. Maybe a symbol inspection could shed some light.
As for the LTE-RRC dissector, it register enough hooks by name, so there very well could be a applicable entrypoint for you. It's hard to tell without the details.
(*) You can always get this source code. That's because Wireshark plugins are GPL licensed, hence the distributor of the plugin has to provide the source code. (either with the binary, or upon request, for a reasonable fee for the medium it's delivered on).
answered 04 Jul '12, 01:17