On Jul 29, 2010, at 7:19 AM, Jon Smirl wrote:
> I'm working on the 802.15.4 packet decoder. 802.15.4 packets have a
> two byte hardware checksum at the end of them. Some sniffer hardware
> includes this checksum in the packets returned and some hardware
> doesn't.
>
> We've been switching between them by changing the source code:
> - ieee802154_handle = find_dissector("wpan");
> + ieee802154_handle = find_dissector("wpan_nofcs");
>
> How can i fix this so that I can switch using the UI?
Well, the first question you should ask is "can I fix this so that I don't *need* to switch using the UI?" If the machine doing the capturing knows whether the sniffer hardware includes the FCS or not, users shouldn't *have* to know it and shouldn't *have* to tell Wireshark.
In what file format are the captures for those different pieces of hardware? If they're in pcap format, you should ask for a new DLT_ value for "802.15.4 without an FCS", use that DLT_ value for the sniffing hardware that doesn't include the checksum, and map that DLT_ value to the new WTAP_ENCAP_IEEE802_15_4_NOFCS value.