We have a custom hardware device that uses the IEEE 802.15.4 transport mechanism. To capture these data in WireShark, we are making use this project https://spaces.microchip.com/gf/project/wireshark_cap/frs/?action=&br_pkgrlssort_by=file_size&br_pkgrlssort_order=desc.
When the data is captured, data transmission packets appear as protocol LwMesh and acknowledgment packets appear as protocol IEEE 802.15.4.
We want to create a custom dissector, to be applied to all of our packets, to more readily understand the traffic. Based on my reading (and I am brand new to this), it is not clear to me if I should create a regular dissector or a heuristic dissector. In either case, I do not understand why the new dissector would be given preference over the existing one (or, similarly, how to apply a specific dissector to multiple packets).
Would you please point me int he direction of an answer. Thank you.
asked 09 Oct '17, 20:17