Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

distinguish dissectors using same udp port

Hello all,

I have 2 dissectors using same udp port (7555).

How can I register and distinguish between those two simultaneously in wireshark? For one of them I knows that it udp length is for sure greater than of the other one. Each one of them has specific IP convention (i.e 1st one is 1.1.1XX.11, 2nd is 2.2XX.22.2)

Currently my association of the protocols to the udp is as follows

local p_multi = Proto("multi", "MultiProto");    
....
....
local wtap_encap_table = DissectorTable.get("wtap_encap")
local udp_encap_table = DissectorTable.get("udp.port")

wtap_encap_table:add(wtap.USER15, p_multi)
wtap_encap_table:add(wtap.USER12, p_multi)
udp_encap_table:add(7555, p_multi)