Hello,
I have to build a dissector for a non-public protocol.
The protocol I have to dissect is an encapsulation for another one. There are 2
types of packets. The one is with Message Buffer (MB) and the other is with
User buffer (UB).
In a packet with MB there is a tag that indicates that the next packet has UB.
If the tag is not set the next message has also MB and there can be the tag.
How can I realize this in my dissector?
I tried it with a global varibale that indicate it and which is checked before
dissecting.
/* BEGIN CODE */
/* this is the global variable */
gint with_ub = 0;
void dissect_foo() {
if (with_ub == 1) {
decode_with_ub();
} else {
decode_with_mb();
}
/* tag == 1 if the next message is with UB */
if (tag == 1) {
with_ub = 1;
} else {
with_ub = 0;
}
}
/* END CODE */
But this doesn't work because the protocol tree is built up again each time I
click on a packet to see the detailed tree. So if I click on a packet which has
the tag, my variable "with_ub" is set to true and so the next packet will be
dissectet as a packet with_ub. But then I click on another packet (NOT the next
one) and wireshark "thinks" that this packet has to be decoded with_ub because
the variable "with_ub" is set.
Does anybody understood what I mean? ;-). The dissect_foo()-function is called
each time I click on a packet to see the details.
How can I refer in the dissect_foo()-function to the packet before.
--
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kanns mit allen: http://www.gmx.net/de/go/multimessenger
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev
