On Mon, May 22, 2000 at 10:10:27AM -0500, Frank Singleton wrote:
>
>
> Hi,
>
> I have written some dissectors for some layer on top of
> TCP and it works ok. But now I wish to create another
> protocol on top the one I have just written.
>
> eg:
>
> read some data, disply it ok
> ok, now this octet and the reamining should
> be a new protocol stack.
>
> ie: I would appreciate if someone could outline
> how to implement this.
> I tried running through the nfs on rpc case, but cant
> seem to see whats going on.
Don't look at RPC. Because it has to keep track of previous
packets and conversations, it's complicated. For an easy
protocol, don't use RPC, AFS, or NCP as examples, since they
have to keep track of conversations in order to decode
packets correctly.
> Really I want to decode some data, and then when
> i hit an octet thats for a new protocol, call
> the dissector for that protocol (and subsequent
> higher protocols).
>
> Some real or pseudo code would be great.
>
> Is there a preferred way to handle this, or
> must I replicate rpc-nfs code ??
We use to have hard-coded calls to the next dissector (with
the offset changed appropriately).
Now we use "handoff" tables, which will allow us to provide
a GUI (in the future) so that the user can dynamically modify
the way in which dissectors call sub-dissectors.
packet-ethertype.c has what is probably the smallest example
of this new behavior. However, if you're working from CVS, then
you'll see our very new structurs in there, tvbuffs. If you want to
stay away from those for the time being (but eventually you'll have to
worry about them, since eventually all the dissectors will use them),
look at packet-udp.c and packet-tcp.c instead.
--gilbert
> Cheers / Frank..
>
> --
> EUS/GN/V/Z Frank Singleton ASO Americas BSS
> Office : +1 972 583 3251 ECN 800 33251
> Pager : +1 800 651 1184 Email : eusfrsi@xxxxxxxxxxxxxxx
> Amateur Radio: VK3FCS/KM5WS Email : frank.singleton@xxxxxxxxxxxx
>
> Hardware: HP Omnibook 4150 running Redhat Linux 6.2 (2.2.14 kernel).
