Wireshark · Wireshark-dev: Re: [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)

Wireshark-dev: Re: [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)

From: Richard van der Hoff <richardv@xxxxxxxxxxxxx>

Date: Mon, 28 Apr 2008 16:14:08 +0100

Alexandre Abreu wrote:

Hi.
Has anyone ever found a case where the successful dissection of oneprotocol depends on what was negotiated in another protocol?


Yes, this is done for RTP traffic, which is set up via H.245 or SIP/SDP.

I guess my question comes down to: how can we store the informationfrom dissection of one protocol so that it can be used to dissectanother protocol, while still following wireshark's dev guidelines.

Have a look at rtp_add_address (in packet-rtp.c), which is called frompacket-sdp.c and packet-h245.c.


Cheers

Richard

Follow-Ups:
- Re: [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)
  - From: Alexandre Abreu

References:
- [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)
  - From: Alexandre Abreu

Prev by Date: Re: [Wireshark-dev] Preference to display hidden protocol items
Next by Date: Re: [Wireshark-dev] how to modify tvbuff_t* tvb
Previous by thread: [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)
Next by thread: Re: [Wireshark-dev] dissection of packets with unknown format (LDP/MPLS/PWE)
Index(es):
- Date
- Thread