Re: How to access lower level protocol data from a higher level dissector

[Dylan Ulis <dylan.ulis () gmail com>]

Thanks to you both, I should have thought of pinfo. Looks like it has both
layer 2 and 3 addresses in there, which is all I need from the other
layers. I'll be sure to confirm that type is AT_ETHER

Dylan Ulis
dylan.ulis () gmail com


On Fri, Aug 30, 2019 at 1:37 PM Guy Harris <guy () alum mit edu> wrote:

> On Aug 30, 2019, at 10:17 AM, Richard Sharpe <realrichardsharpe () gmail com>
> wrote:
>
> > On Fri, Aug 30, 2019 at 10:00 AM Dylan Ulis <dylan.ulis () gmail com>
> wrote:
> > > How can I get lower level protocol data in a higher level dissector?
> eg: I'd like to get the source/destination MAC address in my application
> layer dissector.
> > Isn't that info in the pinfo?
>
> Yes, they're pinfo->dl_src and pinfo->dl_dst.
>
> Do *NOT* assume that they are addresses of type AT_ETHER unless you can
> guarantee that your dissector is only called for packets that *have* MAC
> addresses (for example, if your protocol runs atop IPv4 or IPv6, you can't
> guarantee that).
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe