hey, I am writing a dissector for netscaler core to core messages. Now this protocol works on top of the Net Scaler Trace layer(nstrace), which is introduced by the netscaler for debugging purposes. So when I am writing the dissector for core to core, I want to be able to call (nstrace) after that. So how should I code for that?? PLEASE HELP, ANYONE?? Thanks, Sid asked 14 Feb '11, 20:26  sid |
One Answer:
Simple enough: To call dissector "foo":
Look at any one of the many dissectors which use In fact, if you look at packet-nstrace.c you'll see that it calls the Oops: Actually: the above won't work. - nstrace isn't a "public" (registered dissector) (so it's not available to be found by
So: I'm puzzled when you say the core-to-core protocol runs "on top of" nstrace. What is the actual sequence of protocols in a frame ? answered 14 Feb '11, 22:06  Bill Meier ♦♦ edited 14 Feb '11, 22:26 |
Yes, I was mistaken. I am just told that core to core does not work on top of the nstrace.
So core to core too is expected to be processed as a thin layer outer layer i guess. I am waiting for a sound word about core to core. Meanwhile tell me one thing. core to core definitely does not work on top of nstrace. But it can not work independently right? It has to work on top of some protocol. Ethernet or anyone??
Is that right?? Can a dissector be written which does not work on top of any protocol?? Can core to core be something like that??
Please see my comment in your other question.
I am trying to do the same thing, however can you elaborate on how a dissector gets to become public. I have two dissectors I have written both work individually but when I try to call one from the other the find_dissector call returns NULL.
For the record (much after the fact):
Use: