As far as I know, overriding a default dissector is not possible, or more precise not necessarily very easy. But what you could do is, to implement a generic heuristic entry point in the dis dissector, which then in turn you could use to let your custom plugin take over the dissection from the dis dissector. Take a look at the eth dissector and the heuristic dissector entry point.
I did it this way in the beginning of the openSAFETY dissector with the epl dissector, and it works just fine. If you should keep a separate plugin and not implement the same features in the main dis dissector is a different discussion. regards, Roland On Tue, Dec 1, 2015 at 5:14 AM, Alan Partis <alpar...@thundernet.com> wrote: > I need some direction from some folks smarter than me: > > I need to understand, and possibly make some customizations to, the DIS > dissector (packet-dis.c). I understand that I can make those changes and > run the full wireshark build, but that can be a very laborious and > time-consuming task. Consequently, I'm thinking that I'd like to build > packet-dis.c as a shared library plugin and have wireshark pick up my > customized version and use that instead of the built-in version. > > 1. is that possible? > > 2. Can I do the special plugin build of packet-dis.c right from the > ./epan/dissectors/ subdirectory where it currently resides? Or should I > put a copy of it off in my own working directory/sandbox and build it from > there? > > And lastly: > > 3. Is there anywhere I can find clear instructions on how best to achieve > this? All the plugin dev docs I find go through the very lengthy > discussion of how to write a plugin and use the available API, but at > least for the moment, I am mostly only interested in the build process. > > Thanks. > > _______________________________________________________ > Alan Partis > thundernet development group > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
