Phillip Paradis wrote: > One might be able to do as Nvidia/ATI et. al. do with their drivers. Create > the plug-in itself as a generic binary module which decodes blocks of data; > it would make no use of the Wireshark APIs and cannot include or link with > any GPL code. Then create a stub that fits between Wireshark's APIs and the > plugin; this would be released as source code along with the binary, and > would also not contain any Wireshark code, though it would contain the > necessary header includes.
If you release a binary dissection module, what's to stop someone from feeding it fuzzed and randomized data, mapping the input and output, and reverse-engineering the protocol itself? Dissectors aren't device drivers, and their very nature (i.e. "tell me everything you know about the data at offset X") means that once you release a dissector, you've also released the details of your protocol. _______________________________________________ Wireshark-dev mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-dev
