gerald@xxxxxxxxxxxx a écrit :
User: gerald
Date: 2005/01/18 10:49 PM
Log:
Add a field called "frame.protocols" which shows the protocols present
in the frame. The filter "frame.protocols contains ip:icmp:ip" could
be used to find any ICMP packets containing IP headers.
Nice. It will prove very useful. I tried it on my workstation, and
noticed some protocols were not present in the chain. Indeed, heuristic
protocols couldn't appear as they don't make use of
call_dissector_work(). The attached patch adds support for protocols
using heuristics. I merely copied the interesting lines, it could be
relevant to put them in a subroutine.
However, some protocols call the next dissector themselves, so we can't
intercept them so easily. I have no good idea about how to do this. It's
the case for RPC for example.
--
Julien Leproust
Index: epan/packet.c
===================================================================
--- epan/packet.c (revision 13118)
+++ epan/packet.c (working copy)
@@ -1471,6 +1471,16 @@
}
if ((*dtbl_entry->dissector)(tvb, pinfo, tree)) {
status = TRUE;
+ /*
+ * Add the protocol name to the layers
+ */
+ if (pinfo->layer_names) {
+ if (pinfo->layer_names->len > 0)
+ g_string_append(pinfo->layer_names, ":");
+ g_string_append(pinfo->layer_names,
+ proto_get_protocol_filter_name(proto_get_id(dtbl_entry->protocol)));
+ }
+
break;
}
}