Wireshark mailing list archives

Re: Add a protocol to the "decode as" option

From: Michael Mann via Wireshark-dev <wireshark-dev () wireshark org>
Date: Mon, 18 Sep 2017 15:28:07 -0400



Juan Jose,
 
Pascal is correct that you need to setup a dissector table, but you also need to set and register a "decode as 
structure" (decode_as_t) using register_decode_as.
 
Your "RTPS payload" should fall into one of 2 categories:

1. You have a "unique identifier" that determines how to dissect the (next) payload.  For example "Ethernet" has a 
type, IP has a protocol, TCP/UDP have a port.  In this case you set your dissector table up with the "unique identifier 
type" (typically numeric, but there are string and GUID examples).  Then you need to be able to save that "unique 
identifier" during dissection to provide to decode as functionality (as part of decode_as_t structure).  Your plugins 
will also call dissector_add_<type>() to register their "unique identifier".  dissector_add_<type> calls 
dissector_add_for_decode_as() internally, so there isn't a need for plugins to call it explicitly.  packet-ip.c is 
probably a good example to follow.
 
2. There is no unique identifier and payload must be determined by Decode As.  You still need a dissector table and 
plugins will still need to call dissector_add_for_decode_as(), but "setting up the dissector table for decode as" has 
been made simpler by register_decode_as_next_proto().  See https://code.wireshark.org/review/22575 for example uses.
 
 
 
-----Original Message-----
From: Pascal Quantin <pascal.quantin () gmail com>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Mon, Sep 18, 2017 3:05 pm
Subject: Re: [Wireshark-dev] Add a protocol to the "decode as" option



Hi Juan Jose,



2017-09-18 16:21 GMT+02:00 Juan Jose Martin Carrascosa <juanjo () rti com>:

Hi everybody,


I have a set of plugins that work on top of the RTPS protocol. Which is the cleanest and right way to get this set of 
plugins available when I click in "decode as" in a RTPS packet?



If you create a dissector table for your RTPS payload (presumably that's what would need to be decoded as), then your 
plugins can register themselves using the dissector_add_for_decode_as() function.


Best regards,

Pascal.




___________________________________________________________________________Sent via:    Wireshark-dev mailing list 
<wireshark-dev () wireshark org>Archives:    https://www.wireshark.org/lists/wireshark-devUnsubscribe: 
https://www.wireshark.org/mailman/options/wireshark-dev             mailto:wireshark-dev-request () wireshark 
org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Add a protocol to the "decode as" option Juan Jose Martin Carrascosa (Sep 18)
- Re: Add a protocol to the "decode as" option Pascal Quantin (Sep 18)
  - Re: Add a protocol to the "decode as" option Michael Mann via Wireshark-dev (Sep 18)