Wireshark · Wireshark-dev: Re: [Wireshark-dev] Extending the DHCP dissector

Wireshark-dev: Re: [Wireshark-dev] Extending the DHCP dissector

Date: Fri, 25 Sep 2009 19:22:12 -0400

In the Wireshark wiki there is a Lua code example for a chained dissector:
http://wiki.wireshark.org/Lua/Dissectors

It looks like they simply add the new dissector into the parent protocol's dissector table with the same port as the original, thereby overwriting its entry in the dissector table. If you made a new bootp dissector as a plugin, could you do the same trick to replace the existing builtin dissector without having to rebuild Wireshark? You'd have to build the plugin of course, but you wouldn't need a custom wireshark build.

Follow-Ups:
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Borz, John (IPG-Roseville R&D)

References:
- [Wireshark-dev] Extending the DHCP dissector
  - From: Borz, John (IPG-Roseville R&D)
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Guy Harris
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Borz, John (IPG-Roseville R&D)
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Guy Harris
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Borz, John (IPG-Roseville R&D)
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Maynard, Chris
- Re: [Wireshark-dev] Extending the DHCP dissector
  - From: Borz, John (IPG-Roseville R&D)

Prev by Date: Re: [Wireshark-dev] Extending the DHCP dissector
Next by Date: Re: [Wireshark-dev] Extending the DHCP dissector
Previous by thread: Re: [Wireshark-dev] Extending the DHCP dissector
Next by thread: Re: [Wireshark-dev] Extending the DHCP dissector
Index(es):
- Date
- Thread