Wireshark mailing list archives
Re: Defining a DLT which could be used to dissect any protocol.
From: Martin Mathieson <martin.r.mathieson () googlemail com>
Date: Tue, 7 Feb 2012 15:23:54 +0000
Isn't this similar (but more general) to what packet-meta.c does - although probably that one is tailored to what Tobias has needed? Martin On Tue, Feb 7, 2012 at 2:33 PM, Anders Broman <anders.broman () ericsson com>wrote:
Hi, How about defining a DLT with a TLV based header which could be used to carry any protocol - a tag would contain the name of the protocol to be called the name would of course have to correspond To the name the dissector has registered in Wireshark - yes this is a weakness an alternative would be to give every protocol a number but that means keeping a registry list. Tags could be defined to carry any extra info needed. Something like this Header Header length Header version ------------------- Tag Length value -------- : -------- Tag = Data Length Data Example tags Tag = 1 Protocol name, the name used by the Wireshark dissector to be called with the protocol data. ( ex "sip" ). Tag = 2 SRC Address( Octet 1 = Address family), ( ex IP4 address, IP6 Address, OPC, DPC ....) 2-n Address data Tag = 2 DST Address : Tag X Vendor specific ( vendor Id, vendor tag + data) Tag = 254 Data Tag = 255 Reserved for extension This is just to test the wathers before geting to far into defining the tags. Comments? Regards Anders ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Defining a DLT which could be used to dissect any protocol. Anders Broman (Feb 07)
- Re: Defining a DLT which could be used to dissect any protocol. Martin Mathieson (Feb 07)
- Re: Defining a DLT which could be used to dissect any protocol. Guy Harris (Feb 07)
- Re: Defining a DLT which could be used to dissect any protocol. Anders Broman (Feb 07)