Wireshark-dev: Re: [Wireshark-dev] How to get UDP port numbers in sub-dissector

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 23 May 2011 10:41:09 -0700
On May 23, 2011, at 7:55 AM, eymanm wrote:

> I'm making a dissector for a protocol that is based on UDP.

By "based on UDP", do you mean:

	1) your protocol is an unreliable transport-layer protocol similar to UDP but not the same as UDP

or

	2) your protocol runs on top of UDP?

> I'd like to show the source and destination ports in the Info column, pretty much the same way as it shown by the UDP dissector. Can somebody suggest how to get the  port numbers when I'm dissecting the payload?

If the answer is 1), then, if your protocol has port numbers, you get them from your dissector.

If the answer is 2), the packet_info structure pointed to by the "pinfo" argument to your dissector has "srcport" and "dstport" members that, for a protocol running atop UDP, have the UDP source and destination port numbers.