Hello, I'm trying to implement a dissector for a modification of a message from the ICMPv6 protocol. The modification is basically using an 8-bit reserved field in the ARO (Address Registration Option) message and populating it with 3 new values (4 + 2 + 2 bits). From this documentation link, I can see that Wireshark supports the following ARO related filters: icmpv6.opt.aro.eui64, icmpv6.opt.aro.registration_lifetime and icmpv6.opt.aro.status. What I'd like to do in my dissector is extend the existing ICMPv6 dissector by dissecting the three new values in the reserved 8-bit field, as well as adding three additional filters for each value. My doubts are: Is it possible to accomplish this, possibly using a chained dissector or post-dissector? Can I edit/modify a tree created by another dissector, when I call it using Best regards, and thanks in advance! asked 17 Apr '13, 05:54  ojay edited 17 Apr '13, 05:54 |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
