Wireshark-bugs: [Wireshark-bugs] [Bug 4733] Additional disseminator module for the 'bitscope.net

Date: Tue, 27 Dec 2011 16:30:05 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4733

--- Comment #4 from Chris Maynard <christopher.maynard@xxxxxxxxx> 2011-12-27 16:30:04 PST ---
(In reply to comment #3)
> a port preference should be added and this dissector should be converted to a
> heuristic one.  Refer to doc/README.heuristic for more information.  There are
> also plenty of Wireshark dissectors to use as working examples.

Well, OK, a port preference probably isn't necessary, especially if that port
will never change for the bitscope protocol.

Also, as an alternative to turning the dissector into a heuristic one, it could
instead be converted into a new-style dissector (see packet-radius as an
example); however, there are potential problems with that though.  If a
dissector comes along later on whose protocol has a properly registered port
16385 with IANA, then there are no guarantees as to which dissector will be
given the opportunity to claim the packet first, assuming that new
16385-registered protocol is also written as a new-style dissector.  So, the
bitscope dissector might be afforded the opportunity to claim the packet first,
but its heuristics could fail such that it incorrectly claims the packet when
it shouldn't.  Of course, even with heuristic dissectors this could fail too,
but there are ways to control whether heuristic dissectors get a chance to look
at the packets before/after the other dissectors do, so currently there is a
little more flexibility there.

Ideally, I'd like to see all dissectors whose protocols have registered ports
be turned into new-style dissectors and all others be heuristic dissectors.  In
this way, those protocols have an opportunity to claim the packet first since
the traffic *should* be for it.  And in the event that some other protocol is
using its port, it could hopefully detect the situation and not claim the
packet, thus giving the other protocol a chance to do so.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.