On Feb 6, 2007, at 3:56 PM, Shehjar Tikoo wrote:
Hi all
With regards to the NFS anonymizer that I am working on currently, I
was
wondering, whether a feature like multiple dissectors for single
protocol would be a good idea.
Mainly, the idea is that there can be a pipeline or a queue of
dissectors for the same protocol but only one of them has the
capability/right/priority to update or access the wireshark/tshark UI.
No dissector has any right to do anything directly with the *shark UI;
they only have the right to construct summary display information and
protocol trees, and to register preferences and dissectors.
This particular UI-attached dissector could then either be
user-selectable or selected from the pipeline based on some other
conditions.
Why would you want to choose from one of multiple dissectors, instead
of having a single dissector that does the right thing, or that has
preferences to control what it does?
Note: anonymizing packets isn't what a dissector does; a dissector
dissects packets. If you want hooks to do anonymization that
understands particular protocols, the way to do that would be to add
hooks for anonymization, rather than trying to abuse the protocol
dissection mechanism and being then forced into adding more mechanism
to all ow that sort of abuse.
So what sort of hooks into the *existing* dissectors do you need in
order to do anonymization?