Is there anyway I can add names to these fields in the types or modify the info column object of the homeplug av protocol by accessing these fields? I want to know if it is possible to write a post dissector which only modifies the unknown types and other required fields by keeping all other fields of homeplug AV. asked 06 Oct '17, 12:32  golthitatun |
One Answer:
A post-dissector cannot modify any fields of the dissection tree already contributed by standard dissectors, but it can append text to the Unlike some other dissectors, the HomePlug-AV one does not seem to be plugin-ready in terms that it would use a dissector table with However, if just appending/replacing text in the info column is not sufficient for you and you don't want to touch the existing homeplug_av dissector, you may create your own dissector, handling only your additional mmtypes, and invoke the standard dissector for all the other ones. This approach requires that you duplicate the header parsing part of the standard dissector (MAC Management Header, Vendor MME) but that's not a big deal. I've seen this approach to be called "chained dissectors". To insert your own dissector in front of the standard one:
In your own dissector you can use exactly the same field names which the standard dissector uses, so the display filters on fields like answered 08 Oct '17, 01:38  sindy edited 08 Oct '17, 11:00 |
Hi thank you, I am new to writing dissectors, can you please share any example code if you have anything related to this.
The first question here is: Lua or C++? I never took the effort to roll out a C++ development environment so cannot give any relevant advice.
I am writing in Lua.
As you say "I am writing", I suppose you only need help with some particular moment (like how to create the dissector chain)? Or you write in Lua in general but never wrote a dissector before? Have you already been here?