Wireshark-dev: Re: [Wireshark-dev] function of dissector_try_uint()

From: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Date: Tue, 17 Feb 2015 10:46:46 +0100
2015-02-17 8:48 GMT+01:00 Vishnu Bhatt <vishnu.bhatt@xxxxxxxxxxx>:

Thanks for the reply. Can you please tell me what is the function of p_get_proto_data() in Wireshark. Specifically, in case of FP frame, what is the role of this function?

 

    p_fp_info = (fp_info *)p_get_proto_data(wmem_file_scope(), pinfo, proto_fp, 0);


Hi Vishnu,

you can find a detailed description of those functions in doc/README.dissector file, chapter 2.5:

2.5 Per-packet information.

Information can be stored for each data packet that is processed by the
dissector.  The information is added with the p_add_proto_data function and
retrieved with the p_get_proto_data function.  The data pointers passed into
the p_add_proto_data are not managed by the proto_data routines, however the
data pointer memory scope must match that of the scope parameter.
The two most common use cases for p_add_proto_data/p_get_proto_data are for
persistent data about the packet for the lifetime of the capture (file scope)
and to exchange data between dissectors across a single packet (packet scope).
It is also used to provide packet data for Decode As dialog (packet scope).

void
p_add_proto_data(wmem_allocator_t *scope, packet_info *pinfo, int proto, guint32 key, void *proto_data)
void *
p_get_proto_data(wmem_allocator_t *scope, packet_info *pinfo, int proto, guint32 key)

Where:
    scope      - Lifetime of the data to be stored, typically wmem_file_scope()
                 or pinfo->pool (packet scope).  Must match scope of data
                 allocated.
    pinfo      - The packet info pointer.
    proto      - Protocol id returned by the proto_register_protocol call
                 during initialization
    key        - key associated with 'proto_data'
    proto_data - pointer to the dissector data.

For FP protocol, this is used to store data later used by sub dissectors like RLC or RRC.
 

 

Thanks

Vishnu Bhatt

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
Sent: Monday, February 16, 2015 7:37 PM


To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] function of dissector_try_uint()

 

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Anders Broman
Sent: den 16 februari 2015 15:05
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] function of dissector_try_uint()

 

 

 

From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Vishnu Bhatt
Sent: den 16 februari 2015 14:55
To: Developer support list for Wireshark
Subject: [Wireshark-dev] function of dissector_try_uint()

 

>Hi,

> 

>I have a dissector code (atmii) and I am having problem in understanding the following two lines of code:

> 

>In proto_register_atmii()

> 

>aal_dissector_table = register_dissector_table("atmii.aal2_payload", "AAL payload type", FT_UINT8, BASE_DEC);

 

Registers a dissector table with the name  atmii.aal2_payload in which it will be possible to register a callback for an UINT8 value. Compare with the UDP table where a dissector can

Register to be called for a message with UDP port number. SIP registers for port 5060 for instance.

 

and then in dissect_atmii()

 

if (!dissector_try_port(aal_dissector_table, payload_type, next_tvb, pinfo, tree)) {

proto_tree_add_item(atmii_tree,hf_atmii_aal2_payload, tvb, ATM_HEADER_LENGTH, -1, FALSE);

}

 

The atmii.aal2_payload  table will be searched for a match on payload type if a match is found the callback will be executed handing next_tvb to the called function.

If no match is found(no dissector registered for the payload type FALSE will be returned.

 

>What does these two lines of code do in general as I’ve seen them in other protocols as well?

 

Oh, and you can see who has registered in the table in the Internal menu in the main menu bar and with what value.

 

Thanks

Vishnu

"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."

"DISCLAIMER: This message is proprietary to Aricent and is intended solely for the use of the individual to whom it is addressed. It may contain privileged or confidential information and should not be circulated or used for any purpose other than for what it is intended. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you are notified that you are strictly prohibited from using, copying, altering, or disclosing the contents of this message. Aricent accepts no responsibility for loss or damage arising from the use of the information transmitted by this email including damage from virus."

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe