Wireshark-dev: Re: [Wireshark-dev] Questing: Calling a Subdissector
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
Date: Wed, 19 Sep 2007 10:51:37 -0400
How are you registering your "iwarp_ddp" dissector? You should have something like: proto_register_iwarp_ddp(...) { ... proto_iwarp_ddp = proto_register_protocol("IWARP DDP FULL NAME", "IWARP_DDP", "iwarp_ddp"); ... } Do you have this? Other than that: The dissector handle is used to pass to dissector_add(), dissector_delete(), dissector_change(), ... [see epan/packet.h]. You don't need it in your iwarp_ddp dissector handoff function if you're not making any of those calls. - Chris -----Original Message----- From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Yves Geissbuehler Sent: Wednesday, September 19, 2007 8:14 AM To: wireshark-dev@xxxxxxxxxxxxx Subject: [Wireshark-dev] Questing: Calling a Subdissector Hi all Setting and problem I have a student project to implement protocol support for iWarp in Wireshark. Basically iWarp consists of the three protocols MPA (on top of TCP, no specific port), DDP on top of MPA and RDMA on top of DDP. I managed to write a basic MPA dissector which works (by reading the available docs and looking at the source). I am stuck at the task to call my DDP dissector once I have dissected MPA traffic. In the GUI I only see MPA traffic, but no DDP. It looks like that my DDP dissector is not used to dissect the MPA payload. relevant code in packet-iwarp-mpa.c: <other code of dissect_mpa omitted> /* CASE: MPA FPDU */ if (tvb_length(tvb) >= SMALLEST_FPDU_LEN) /* minimal MPA FPDU */ { if (!is_dissected && check_for_mpa_fpdu(tvb, pinfo)) { tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 2, get_mpa_fpdu_message_len, dissect_mpa_fpdu); next_tvb=tvb_new_subset(tvb, MPA_FPDU_HEADER_LEN, -1, -1); if(ddp_handle) call_dissector(ddp_handle, next_tvb, pinfo, tree); is_dissected = TRUE; } return is_dissected; } } /* end of dissect_mpa */ proto_reg_handoff_mpa(void) { static gboolean initialized = FALSE; if (!initialized) { ddp_handle = find_dissector("iwarp_ddp"); heur_dissector_add("tcp", dissect_mpa, proto_mpa); initialized = TRUE; } } relevant code in dissect-iwarp-ddp.c: proto_reg_handoff_iwarp_ddp(void) { static gboolean inited = FALSE; if (!inited) { dissector_handle_t iwarp_ddp_handle; iwarp_ddp_handle = new_create_dissector_handle (dissect_iwarp_ddp, proto_iwarp_ddp); //dissector_add("PARENT_SUBFIELD", ID_VALUE, iwarp_ddp_handle); inited = TRUE; } } My questions: - Is there any other protocol which is similar to the iWarp at which I could look at (did not find any so far, or did not recognize it) - What is really necessary to do further dissection for my scenario? - What is the meaning/concept behind these dissector_handle_t types? - How do I use dissector_add()? I understand that this is the way to tell Wireshark that it should use this dissector_X if traffic_X comes around. In the above code, I uncommented the dissector_add in the DDP handoff, since I simply do not understand how I could use it. And I am also not really sure if I still need it since I explicitly call the DDP dissector from the MPA dissector. If I should use it I guess it should be something like this: dissect_add("mpa", NO_VALUE, iwarp_ddp_handle); But so far I did not figure out where I have to define "PARENT_SUBFIELD" or "ID_VALUE"? I would be happy to get any comments/explanations or pointers to doc and/or source code. Thank you. Yves _______________________________________________ Wireshark-dev mailing list Wireshark-dev@xxxxxxxxxxxxx http://www.wireshark.org/mailman/listinfo/wireshark-dev ----------------------------------------- This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, retention, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. Also, email is susceptible to data corruption, interception, tampering, unauthorized amendment and viruses. We only send and receive emails on the basis that we are not liable for any such corruption, interception, tampering, amendment or viruses or any consequence thereof.
- Follow-Ups:
- Re: [Wireshark-dev] Questing: Calling a Subdissector
- From: Yves Geissbühler
- Re: [Wireshark-dev] Questing: Calling a Subdissector
- References:
- [Wireshark-dev] Questing: Calling a Subdissector
- From: Yves Geissbuehler
- [Wireshark-dev] Questing: Calling a Subdissector
- Prev by Date: [Wireshark-dev] Questing: Calling a Subdissector
- Next by Date: [Wireshark-dev] compiler warnings from glib
- Previous by thread: [Wireshark-dev] Questing: Calling a Subdissector
- Next by thread: Re: [Wireshark-dev] Questing: Calling a Subdissector
- Index(es):