Shah, Sachin wrote:
Thanks for your response. I am using ethereal 0.10.12 for these plugins
You should probably update to a later release; the current release of
the application formerly known as Ethereal and now known as Wireshark is
0.99.6.
and the signature expected for "dissect_???" method is "static void
dissect_???(tvbuff_t*, packet_info*, proto_tree*)",
The signature expected for *non-heuristic* dissectors is the signature
you describe.
The signature expected for *heuristic* dissectors has a return value of
gboolean, and that has been the case since the very first release that
supported heuristic dissectors (which happened so long ago that I forgot
whether I was the person who added the heuristic dissector mechanism or
not :-)).
so I don't think "return FALSE" will work for me.
A dissector that doesn't return a Boolean value is not a heuristic
dissector (and a dissector that always returns TRUE is a heuristic
dissector with no heuristic :-)), so if you want your dissectors to be
heuristic, *NOT* doing "return FALSE" in at least one place in the
dissector will not work for you.
I looked at the packet-acn.c and it doesn't seem to use
"heur_dissector_add()", but it does call "find_dissector("ip")" to get
ip_handle, but it doesn't use the ip_handle anywhere. Am I missing
something there?
Yes, you're missing the latest version of Ethereal/Wireshark. Try
looking at the packet-acn.c in 0.99.6.