Wireshark-dev: [Wireshark-dev] USB Link Layer dissector integration

From: Maciej Purski <mppmaciek@xxxxxxxxx>
Date: Tue, 2 Oct 2018 21:48:04 +0200

Hi all,

I have already asked this question on Q&A and was advised to put it here.

I am working with a USB Link Layer traffic dump in pcap format. I have managed to implement a dissector for it. My dissector recognizes different USB packets and tokens. My goal is to pass the data to higher layer dissectors. I am going to reassemble the data packets in order to dissect full USB transfers. That's not a problem for me. The problem is how to integrate it with the current USB implementation in Wireshark in order to call existing dissectors for USB application layer protocols like MTP or ADB.

As far as I understand it, they rely on the current implementation of the USB protocol dissector. For now I can see two possibilities, but neither of them seems completely right.

1) I could call the existing USB dissector from my USB Link Layer dissector, but that would require a lot of changes in packet-usb.c. I would have to implement the whole transfer reassembly in packet-usb.c.

2) I could write a new dissector that somehow "mocks" the USB dissector and behaves in the same way from the point of view of application layer dissectors. I guess that in this case I'd have to implement a second dissector for the same protocol. I am also not sure if this is right.

Thanks in advance for all responses. I am new to Wireshark development. For now, I am implementing this just for my own usage, but I am planning to send it to Open Source in the future.

Best regards,

Maciej