Nice job Ulf. Attached is a small patch with minor formatting changes and a few XXX's filled in with some additional information.
I do have one more question/thought about heuristic dissectors as it pertains to TCP heuristic dissectors though. Should the README.heuristic examples be changed to make use of tcp_dissect_pdus() for TCP-based heuristic dissectors? In fact, should existing Wireshark dissectors that currently simply register as TCP heuristic dissectors be modified so they can take advantage of TCP reassembly? A quick grep of epan/dissectors/packet-*.c yields 41 such dissectors. - Chris > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:wireshark-dev- > [EMAIL PROTECTED] On Behalf Of Ulf Lamping > Sent: Saturday, September 06, 2008 7:35 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] heuristic Dissector for Dummies > > Hi Chris! > > I've just compiled doc/README.heuristic, containing my intro text and > your code snippet - plus a little bit of editing. > > > @all: Feel free to have a look and send improvements ... or even better > patches ;-) > > Hope this helps, > > Regards, ULFL CONFIDENTIALITY NOTICE: The contents of this email are confidential and for the exclusive use of the intended recipient. If you receive this email in error, please delete it from your system immediately and notify us either by email, telephone or fax. You should not copy, forward, or otherwise disclose the content of the email.
README_heuristic.patch
Description: README_heuristic.patch
_______________________________________________ Wireshark-dev mailing list [email protected] https://wireshark.org/mailman/listinfo/wireshark-dev
