USB Link Layer dissector integration

asked 2018-10-02 15:49:14 +0000

Macpur gravatar image

Hi all, I am working with a USB Link Layer traffic dump in pcap format. I have managed to implement a dissector for it. My dissector recognizes different USB packets and tokens. My goal is to pass the data to higher layer dissectors. I am going to reassemble the data packets in order to dissect full USB transfers. That's not problem for me. The problem is, how to integrate it with the current USB implementation in Wireshark in order to call existing dissecctors for USB application layer protocols like MTP or ADB.

As far as I understand it, they rely on the current implementation of USB protocol dissector. For now I can see two possibilities, but any of them does not seem completely right. 1) I could call the existing USB dissector from my USB Link Layer dissector, but that would require a lot of changes in the packet-usb.c. I would have to implement the whole transfers reassembly in packet-usb.c 2) I could write a new dissector that somehow "mocks" the USB dissector and behaves in the same way from the point of view of application layer dissectors. I guess that in this case I'd implement a second dissector for the same protocol. I am also not sure if this is right.

Thanks in advance for all responses. I am new to Wireshark development. For now, I am implementing this just for my own usage, but I am planning to send it to Open Source in the future.

edit retag flag offensive close merge delete


Maybe move this question to the Wireshark development mailing list where further discussion may be easier instead of a Q&A site.

Jaap gravatar imageJaap ( 2018-10-02 19:36:59 +0000 )edit

I asked the question on the mailing list. Thanks.

Macpur gravatar imageMacpur ( 2018-10-02 20:01:34 +0000 )edit

Okay, probably still stuck in a moderating queue, Gerald will hopefully release it soon.

Jaap gravatar imageJaap ( 2018-10-03 08:59:50 +0000 )edit