Hi, I was planning of building a
dissector for a school project, but the (crappy) protocol I want to dissect has
(at least) a little issue: it has not explicit "version" field. To determine the
version the application has to guess based on the "type" and "length" fields.
How should that be handled by the dissector if I wanted to display this version
and/or allow filtering based on version? I quickly read through the whole
readme.developer file, but found nothing for this specific kind of issue. Is
there some kind of trick I could do using the proto_tree_add_XXX_hidden()
functions and some "fake tvb" containing only the version number? Any
ideas?
Another question, is there a way to
make a dissector be called only when multiple conditions are met? This way I
could make separate dissectors for each version/type combo of the variable
length body part of the protocol I want to dissect. It would make each source
file much less "crowded" and perhaps easier to extend the thing later-on than if
I had to put everything in the same one (I know this is mostly
cosmetic concern). Anyone has comments for or against this
idea?
Thank you for your time, your understanding and your
inputs.
Simon B.
|