the heuristics of NDMP require 28 bytes to be present in order for it to be dissected as NDMP. NDMP is purely a heuristic dissector because TCPENCAP shares the same TCP port.
Since NDMP officially registered port 10000 with IANA, allow it to use dissector_add_uint() instead of packet-ipsec-tcp.c, and by default have TCPENCAP only rely on its heuristics.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5462
svn path=/trunk/; revision=51180
FT_NONE
FT_BYTES
FT_IPV6
FT_IPXNET
FT_OID
Note: Encoding field set to ENC_NA only if the field was previously TRUE|FALSE|ENC_LITTLE_ENDIAN|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39260
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
Improve heuristics to exclude cases where the traffic
definitely isn't Cisco's IPSEC inside TCP.
Does this obsolete the NDMP protocol check?
svn path=/trunk/; revision=33441
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
nothing really in the header to identify it reliably as silly
vendor specific encapsulation
10000 is actually registered by iana for ndmp so it makes no sense for
a lazy vendor to use it by default.
make it check if the packet is ndmp first before assuming that anything
that goes to port 10000 must be some lazy vendor specific protocol
grrr
svn path=/trunk/; revision=23009
Pascal Quantin