Hi, I want my dissector to get called when there is some specific pattern of dest mac , for that i am using eth heuristic dissector and my data which i want to dissect is last 12 bytes of IP payload.For this i am calling eth_dissector and then i am calculating exact location of my data and hence dissecting it. I need to know if this is right approach ?
guint16 length , offs;
length = tvb_get_guint16(tvb,16);
offs = 14 + length - 12;
call_dissector(eth_dissector, tvb, pinfo, tree);
if (tree) {
ti = proto_tree_add_item(tree, proto_extl2, tvb, offs,-1, TRUE);
l2_tree = proto_item_add_subtree(ti, ett_extl2);
-----------------------
-------------------------
Dissection continues..</code></pre></div><div id="question-tags" class="tags-container tags"><span class="post-tag tag-link-heuristics" rel="tag" title="see questions tagged 'heuristics'">heuristics</span> <span class="post-tag tag-link-plugin" rel="tag" title="see questions tagged 'plugin'">plugin</span> <span class="post-tag tag-link-wireshark" rel="tag" title="see questions tagged 'wireshark'">wireshark</span></div><div id="question-controls" class="post-controls"></div><div class="post-update-info-container"><div class="post-update-info post-update-info-user"><p>asked <strong>06 Jun '12, 22:33</strong></p><img src="https://secure.gravatar.com/avatar/d15cd2870e25518ba76d2eb42f56bbcb?s=32&d=identicon&r=g" class="gravatar" width="32" height="32" alt="yogeshg's gravatar image" /><p><span>yogeshg</span><br />
41●22●23●26
accept rate: 0%
