[Juan Jose Martin Carrascosa <juanjo@xxxxxxx>]

Hi again,

I have been reading some source code (UDP), and I have found the following:

1) When the dissection is completed, we call "decode_udp_ports".

2) Within this function, we get a subset of the tvb with next_tvb = tvb_new_subset(tvb, offset, len, reported_len);

3) We provide that subset to the heuristic dissectors registered with call_heur_dissector_direct(udp_p_info->heur_dtbl_entry, next_tvb, pinfo, tree, NULL);

I will assume that this is the way to go and I will implement it like this.

Thanks!

Juanjo Martin

On Thu, Nov 27, 2014 at 12:09 PM, Juan Jose Martin Carrascosa <juanjo@xxxxxxx> wrote:

Hi all!

I have to implement a new dissector that goes between TCP and RTPS. The name is not decided yet so let's call it XXX. I wonder, what is the best way to proceed here:

1) Currently, RTPS is already registered with UDP and TCP. Register it also with XXX. I don't know what steps do I need to do in the XXX dissector to let other dissectors listen to this one...

2) Do an #include packet-rtps.h in the packet-xxx.c dissector and call the function dissect_rtps with its parameters.

3) Other approach that I am not aware of but you consider right.

Please, in case the proper way to do things is number one, can you point me to any example or documentation? I am planning to provide this to the Wireshark community and I want to make it correctly.

If you need any extra information, please let me know it.

Thanks,

Juanjo Martin