All-

 

I have been a user of Wireshark for several years. I have been writing
plugins for some internal protocols, but up until now have had limited
ability to repay the Wireshark community. I now have a need that may
both help me, and allow some payback...

 

First, let me say that I have been impressed with the new Expert Info
and have been integrating many protocol validations into my plugins. As
we develop implementations it is extremely useful for the engineers to
use this information as validation - saving a lot of frustration during
integration. Thanks Ulf!

 

One potential use of both Wireshark/tshark and expert info is not
supported, however.

 

I would like to use a combination of tshark/expert info to "monitor" our
automated testing system and look for protocol violations. We already
have a great test harness, with the ability to switch OS, network
protocol, etc. automatically. What I would like to do is configure some
monitor ports on the 2 switches that we use, run the VLAN monitors into
another dedicated monitor box, and then capture all the traffic during
our test runs. This part is normal, no need for change.

 

In order for this to work, however, I need to:

 

1. Identify which tests (programs) were running at the time (this part
is easy, I can instrument the tests to advertise themselves on the
network and that will get captured (along with address and port) with
everything else).

2. Process the capture(s) and identify protocol violations. I don't
believe this is handled today.

 

I have seen some posts regarding tshark and expert infos, and I would
love to see this feature fleshed out. "Love" to the point that I am
willing to spend time to make it happen...

 

However, I don't want to tread on others' areas of ownership or reinvent
the wheel, so I am asking the group for how to proceed. I infer from
several existing tshark features that outputting the expert infos might
not be extremely difficult. If it turns out that I am wrong, then tell
me now and I will not bother. If my assumption is correct then I imagine
that the first step would be to get consensus on how to control and
present the information. I imagine that making a more concrete proposal
on this list would be appropriate?

 

Please let me know. This is not a "need it tomorrow" kind of thing for
me, but probably a "need it in the next 2 months" kind of thing.

 

Thanks, in advance, for your input.

 

--

Bryant Eastham [EMAIL PROTECTED]

Chief Architect

Panasonic Electric Works Laboratory of America, Inc., Salt Lake City Lab

4525 South Wasatch Blvd., Suite 100, Salt Lake City, Utah 84124

Phone : 801.993.7124  Fax: 801.993.7260

MEW Intranet: https://pewla.mew.com/slc/index.php/User:Beastham

 

_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
