I have my own dissector above tcp. I have a signature to detect my packet. If it is not present it should return back to the wireshark where it will decide which port it should go to. How can I do this? Thanks in advance asked 17 Mar '11, 02:05  niks3089 |
One Answer:
If this is a heuristic or new-style dissector, just return FALSE or 0 to tell Wireshark that the packet is not for your protocol. Wireshark will figure out which other dissector(s) to (try to) give it to. [Update] Don't forget to drop by and Accept this answer if it answered your question. answered 17 Mar '11, 06:21  JeffMorriss ♦ edited 09 Mar '12, 07:05 |
currently the port number is 80