how to use existing dissector in a new dissector inside a new plugin
I have created a new dissector for capturing CAN protocol inside a new plugin called myproto. I have used existing dissector "packet-socketcan.c" as a reference code to make my own customized dissector. I able to compile successfully but while running wireshark binary get aborted and an error like
"Duplicate protocol short_name "CAN"! This might be caused an inappropriate plugin or a development error"
I have changed this short_name into different name, then also the binary get aborted and throw an error like
packet.c: register_dissector_handle: assertion failed (g_hash_table_lookup(registered_dissectors, name) == NULL)
Please provide me a right solution to resolve this issue Or suggest me any other way to achieve this scenario.
Appreciate your response and thanks in advance for your valuable time.
As you've found you can't have two dissectors attempting to register the same name.
Are you attempting to completely replace the existing CAN dissector, or are you just "wrapping" it, e.g. headers and trailers and hoping to call it from your dissector?
Thank you for the reply.
We are working on custom CAN protocol. So we want to create a new plugin to handle our custom CAN frames. We want the default CAN dissector to be in place and our new plugin to work in parallel. Is it possible ? We have modified default CAN dissector and able to see it in wireshark(custom CAN frames are shown as we have formated) , but we don't want to change the default CAN dissector behavior and have a new plugin to handle it.
"work in parallel" how? On what do you base the selection of the use of the standard dissector vs your custom dissector?
Parallel means , If we select our plugin then our custom dissector will be in use and if our plugin is not enabled then standard dissector will be used. So according to our understanding when our plugin is enabled then received CAN frame won't go through the standard dissector and it will be redirected via our plugin, is it possible ?
Is this a complete replacement of the existing CAN dissector, or is it an CAN "application" protocol such as j1939 which is implemented as a subdissector for CAN?.