Wireshark · Wireshark-dev: Re: [Wireshark-dev] Dissector Registration Query

["Kumar, Hemant" <kumarh@xxxxxxxxxxxx>]

 

Hi Jaap

 

Thanks for the reply.

I tried the following logic, but it results in the following error when the wireshark does registration for all the dissectors:--

 

11:35:43          Err  file packet.c: line 1728: assertion failed: (g_hash_table

_lookup(registered_dissectors, name) == NULL)

 

static dissector_handle_t data_handle=NULL;

static dissector_handle_t myprotocol_handle;

 

 

/* Register the protocol with Wireshark */

void proto_reg_handoff_myprotocol(void)

{

   static gboolean initialized = FALSE;

 

   if (!initialized) {

      data_handle = find_dissector("data");

      myprotocol_handle = create_dissector_handle(dissect_myprotocol_tcp, proto_myprotocol);

      

       heur_dissector_add("tcp", dissect_myprotocol _tcp, proto_myprotocol);

      heur_dissector_add("udp", dissect_myprotocol _udp, proto_myprotocol);

 

      initialized = TRUE;

   }

 

}

 

static gboolean dissect_myprotocol_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)

{

            dissect_myprotocol(tvb,pinfo, tree, TCPTRAFFIC);

            return TRUE;

}

static gboolean dissect_myprotocol_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)

{

            dissect_myprotocol(tvb,pinfo, tree, UDPTRAFFIC);

            return TRUE;

}

 

 

/* Register all fields */

void

proto_register_myprotocol(void)

{

 

 

/*Fields and subtree array registration arrays*/

.

.

.

/* Register the protocol name and description */

             proto_myprotocol = proto_register_protocol("myprotocol","myprotocol", "myprotocol");

           

 

   /* Required function calls to register the header fields and subtrees used */

            proto_register_field_array( proto_myprotocol, hf, array_length(hf) );

  

            proto_register_subtree_array( ett, array_length(ett) );

            register_dissector("myprotocol", dissect_myprotocol_tcp, proto_myprotocol);

            register_dissector("myprotocol", dissect_myprotocol_udp, proto_myprotocol);

 

}

 

Can you please suggest where I am going wrong? Is it to do with multiple registrations with the same name?

 

Thanks in advance

Hemant

---

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
Sent: Tuesday, July 22, 2008 10:24 PM
To: 'Developer support list for Wireshark'
Subject: Re: [Wireshark-dev] Dissector Registration Query

 

Hi,

 

What about this

 

  dissect_my_protocol(...., gboolean tcp)

  {

    ....

  }

 

  dissect_my_protocol_tcp(....)

  {

    dissect_my_protocol(....., TRUE);

  }

  dissect_my_protocol_udp(....)

  {

    dissect_my_protocol(....., FALSE);

  }

 

  heur_dissector_add("tcp", dissect_my_protocol_tcp, proto_myprotocol);

  heur_dissector_add("udp", dissect_my_protocol_udp, proto_myprotocol);

 

Thanx,

Jaap

---

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Kumar, Hemant
Sent: 2008-Jul-23 02:11
To: wireshark-dev@xxxxxxxxxxxxx
Subject: [Wireshark-dev] Dissector Registration Query

Hello All

 

I just wanted to know whether we can register our plugin dissector with Multiple protocols.

Basically my dissector should be able to dissect both UDP  and TCP packet payload.

I am implementing it as a Heuristic dissector  by :--

 

heur_dissector_add("tcp", dissect_mprotocol, proto_myprotocol);

 

 

If I add a line  heur_dissector_add("udp", dissect_mprotocol, proto_myprotocol);

Then will it work fine. If it does works then , once UDP and TCP throws the payload to my dissector

For dissection how I can confirm whether it is UDP or TCP based traffic once inside the main dissector

Function in the plugin .

 

 

Hoping to get a quick response on this.

 

Thanks a lot!!

 

Hemant