This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

send parameters from X.25

0

Hello, I have to dissect some protocols as X.25, sndcp (sndcf)... In X.25 I have the number of circuit VC and the dictionary of compression. In SNDCP, I have the information concerning the compression or not of data and before to dissect the other protocols i have to uncompress the data. To do this, i want to send the VC and the dictionary as parameters from X.25 to SNDCP. For info, i'm using the versions 1.6 of wireshark. So, to start, i try to send VC, and i've done these modifications :

packet.c :

...
call_dissector_with_data(...., void *data)
...
if(handle-> is_new) {
    ret=(*handle->dissector.new)(....,  data);

I modify also the others functions to use the data packet-x.25, in the case NLPID_SNDCF :

...
call_dissector_with_data (....., &vc);
...

packet-sndcp.c :

new_register_dissector(....); instead of register_dissector(...), and

dissect_sndcp(...., void *data)
{
    guint16 vc =0;
    id(data)
    vc=*((guint16 *)data);
        ...
col_add_fstr(pinfo->cinfo, COL_INFO, "SN-DATA N-PDU %d %d, npdu_field1, vc);

}

In my packet, I have juste one VC=1 but the function

col_add_fstr(pinfo->cinfo, COL_INFO, "SN-DATA N-PDU %d %d, npdu_field1, vc)

displays the value 0 instead of 1 for VC. Can you help me please? did I forget to modify other functions?

asked 14 Jan ‘13, 06:26

Gigi's gravatar image

Gigi
6336
accept rate: 100%

edited 16 Jan ‘13, 20:39

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

If i understand the function call_dissector_with_data or call_dissector allow us to call the function dissect_PROTO. It’s true? What is the main function of a dissector? Thank you

(17 Jan ‘13, 03:05) Gigi


One Answer:

0

if that can help someone, i had to modify the function try_circuit_dissector too(..., void *data) (packet circuit.c).

answered 18 Jan '13, 03:09

Gigi's gravatar image

Gigi
6336
accept rate: 100%

Yes, there are ways of calling dissectors other than with call_dissector() or call_dissector_with_data(); in order to support passing dissector data, those routines have to be changed. We'll look at doing that in the 1.10 release.

(18 Jan '13, 10:51) Guy Harris ♦♦

try_circuit_dissector() now has a void *data argument in the standard version of Wireshark; that was done either in the 1.10 release or the 1.12 release.

(29 Jan '16, 15:08) Guy Harris ♦♦