Hi, I have an issue. I have made a plugin for a protocol names View Change Messages. It is working fine. These messages can be seen on TCP port 7002. Now in response to these view messages, view accept and view reject messages are seen which are also on TCP port 7002. So I made a plugin (separate plugin) for view accept. However, now since two of my plugins detect packets on TCP port 7002, only one plugins decodes packets. So how to take care of different messages which work on top of same protocol and on the same port?? Regards, Sidharth asked 03 Aug '11, 02:19  sidharth |
One Answer:
Surely these extra messages are part of the same protocol, and your single dissector should handle all of them? Why do you think that you need a separate dissector for each message? answered 03 Aug '11, 03:28  grahamb ♦ |
i realize that now. But all these messages have different packet structures.!!! So how to deal with that??
In your dissector add handlers for each message type, hopefully your protocol has some form of message type indicator in a common header that the code can use. Most dissectors obtain that value and then use a
switch()to handle the separate cases.