Alexandre Abreu wrote:
Hi.
Has anyone ever found a case where the successful dissection of one
protocol depends on what was negotiated in another protocol?
Yes, this is done for RTP traffic, which is set up via H.245 or SIP/SDP.
I guess my question comes down to: how can we store the information
from dissection of one protocol so that it can be used to dissect
another protocol, while still following wireshark's dev guidelines.
Have a look at rtp_add_address (in packet-rtp.c), which is called from
packet-sdp.c and packet-h245.c.
Cheers
Richard