Wireshark-dev: Re: [Wireshark-dev] ask about dissector_add ( ) function to instruct wireshark t

From: Chris Maynard <Christopher.Maynard@xxxxxxxxx>
Date: Wed, 22 Jun 2011 00:48:13 +0000 (UTC)
Changqin Xia <xiachangqin66@...> writes:

> Hi, allI am a newbie on dissector development. I have a question about the
"dissector_add( )" function.I went through a few examples, most of them are
using "tcp.port" or "udp.port" or something like that.My dissector not uses any
port number to instruct wireshark to pass packets to my dissector, my dissector
is using "Magic" (the first byte).  Any one can tell me if I use the magic
number to realize dissector_add( ) function, what should I do?  any example? any
other dissector in the same way? or Any part on the "README.developer" talking
about this?ThanksJohn

The new name of the function is dissector_add_uint() and there are plenty of
examples where it's used to register a value in dissector tables other than
tcp.port or udp.port.  One of MANY such examples can be found in packet-ip.c:

dissector_add_uint("ethertype", ETHERTYPE_IP, ip_handle);

If you're using Wireshark 1.6, you can view all the tables through "Internals ->
Dissector tables".  The string tables and integer tables are segregated.