Ask Your Question

Revision history [back]

Dissector that decodes payload on another layer

Hi,

the dissector for ASTERIX packet-asterix.c in Wireshark dissects data that is sent via network. Until now, we have only seen these data sent over UDP and that is how the dissector works. There is a line in the dissector

dissector_add_uint_with_preference ("udp.port", ASTERIX_PORT, asterix_handle);

that defines that data is sent via UDP and dissector dissects it.

Now, I got a request to decode the same data being sent over MAC/LLC. The data are the same only the way, how it is sent is different.

How can I make the dissector to be able to decode also the MAC/LLC payload, too? All data dissecting code should stay the same. i guess I need to add something like this:

dissector_add_uint_with_preference ("llc.dsap", ASTERIX_PORT, asterix_handle);

but that is surely not enough, and I don't know how can that be done. I tried to add dissector_add similar to the one shown and some more stuff, but all I got was core dump at Wireshark start. I got some sample traffic for debugging, now I need to make Wireshark to decode it.

Regards Marko

Dissector that decodes payload on another layer

Hi,

the dissector for ASTERIX packet-asterix.c in Wireshark dissects data that is sent via network. Until now, we have only seen these data sent over UDP and that is how the dissector works. There is a line in the dissector

dissector_add_uint_with_preference ("udp.port", ASTERIX_PORT, asterix_handle);

that defines that data is sent via UDP and dissector dissects it.

Now, I got a request to decode the same data being sent over MAC/LLC. The data are the same only the way, how it is they are sent is different.

How can I make the dissector to be able to decode also the MAC/LLC payload, too? All data dissecting code should stay the same. i guess I need to add something like this:

dissector_add_uint_with_preference ("llc.dsap", ASTERIX_PORT, asterix_handle);

but that is surely not enough, and I don't know how can that be done. I tried to add dissector_add similar to the one shown and some more stuff, but all I got was core dump at Wireshark start. I got some sample traffic for debugging, now I need to make Wireshark to decode it.

Regards Marko

Dissector that decodes payload on another layer

Hi,

the dissector for ASTERIX packet-asterix.c in Wireshark dissects data that is sent via network. Until now, we have only seen these data sent over UDP and that is how the dissector works. There is a line in the dissector

dissector_add_uint_with_preference ("udp.port", ASTERIX_PORT, asterix_handle);

that defines that data is sent via UDP and dissector dissects it.

Now, I got a request to decode the same data being sent over MAC/LLC. The data are the same only the way, how they are sent is different.

How can I make the dissector to be able to decode also the MAC/LLC payload, too? All data dissecting code should stay the same. i I guess I need to add something like this:

dissector_add_uint_with_preference ("llc.dsap", ASTERIX_PORT, asterix_handle);

but that is surely not enough, and I don't know how can that be done. I tried to add dissector_add similar to the one shown and some more stuff, but all I got was core dump at Wireshark start. I got some sample traffic for debugging, now I need to make Wireshark to decode it.

Regards Marko

Dissector that decodes payload on another layer

Hi,

the dissector for ASTERIX packet-asterix.c in Wireshark dissects data that is sent via network. Until now, we have only seen these data sent over UDP and that is how the dissector works. There is a line in the dissector

dissector_add_uint_with_preference ("udp.port", ASTERIX_PORT, asterix_handle);

that defines that data is sent via UDP and dissector dissects it.

Now, I got a request to decode the same data being sent over MAC/LLC. The data are the same only the way, how they are sent is different.

How can I make the dissector to be able to decode also the MAC/LLC payload, too? All data dissecting code should stay the same. I guess I need to add something like this:

dissector_add_uint_with_preference ("llc.dsap", ASTERIX_PORT, ???, asterix_handle);

but that is surely not enough, and I don't know how can that be done. I tried to add dissector_add similar to the one shown and some more stuff, but all I got was core dump at Wireshark start. I got some sample traffic for debugging, now I need to make Wireshark to decode it.

Regards Marko

Dissector that decodes payload on another layer

Hi,

the dissector for ASTERIX packet-asterix.c in Wireshark dissects data that is sent via network. Until now, we have only seen these data sent over UDP and that is how the dissector works. There is a line in the dissector

dissector_add_uint_with_preference ("udp.port", ASTERIX_PORT, asterix_handle);

that defines that data is sent via UDP and dissector dissects it.

Now, I got a request to decode the same data being sent over MAC/LLC. The data are the same only the way, how they are sent is different.

How can I make the dissector to be able to decode also the MAC/LLC payload, too? All data dissecting code should stay the same. I guess I need to add something like this:

dissector_add_uint_with_preference ("llc.dsap", ???, asterix_handle);

but that is surely not enough, and I don't know how can that be done. I tried to add dissector_add similar to the one shown and some more stuff, but all I got was core dump at Wireshark start. I got some sample traffic for debugging, now I need to make Wireshark to decode it.it. S sample of a similar decoder, where I could see how that should be done, would be a perfect guidance.

Regards Marko

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2