Hello,
I have a question about a relationship between some fields and protocols.
I have protocol A (A over UDP) that can transport protocol B (B over A,
of course) and protocol C (C over A). Protocol A has extensions and
variable fields, identified by a number.
There are extensions with a number within a known interval that are
related to A, but there are also additional extensions with a number
within another known interval related to the upper layer protocol (B, C
or other protocols).
For example, in protocol A, the extension numbered 64 contains data
related to protocol B, if A transports B, or to protocol C, if A
tranports C.
There's no way to understand the protocol of A's payload. This should be
done manually by the user, using the "decode as ..." window.
Where should I write the code to dissect those extensions?
If I add their dissector in A, how can I know which is the upper layer
protocol choosen by the user? Also, I think it's not a good idea to add
the code to dissect B, C or other protocols in A's dissector.
If I add their dissector in B and C, how can I access bytes of A, a
lower level protocol? And how can I update A protocol tree?
I think there could be a third way: since B and C are very related to A,
I could consider them as a single protocol, and write 3 dissector: one
for A (generic, that doesn't dissect those extensions), one for B/A, one
for C/A.
Any suggestion?
Thanks.
Stefano