guy at netapp
Oct 12, 2000, 5:24 PM
Post #2 of 2
> It is easy/possible for the dissect_myprotocol function to tell if the
Re: Can a dissector tell what protocol and port is using it?
[In reply to]
> packet came in via TCP or UDP, and/or tell which port it's on?
At least for TCP and UDP:
if your dissector is an old-style dissector, "pi.ptype" will be
PT_TCP or PT_UDP, depending on which protocol it was inside,
"pi.srcport" will be the source port number of the
"pi.destport" will be the destination port number of the
"pi.match_port" will be the port number for the service
(i.e., if the packet was sent *to* the port number you
registered, it'll be equal to "pi.destport", and if it
was sent *from* the port number you registered, it'll be
equal to "pi.srcport");
if your dissector is a new-style dissector, it will be passed as
its second argument a "packet_info" structure, and the "ptype",
"srcport", "destport", and "match_port" members of that
structure will be as described above.