Thank you for your quick responses. I see that TSN.1 and wsgd do what I had planned to do. Especially, wsgd is available in source code. One less thing to do :).
On another note, there is a problem with ASN.1, which is since it is only a notation, no operation is possible. If you look at 3GPP TS 25.331, you will see that a lot of comments in ASN.1 like: -- Actual value RRC = IE value * 0.032 The user needs to go and change the decoded value after running it through an ASN.1 compiler. But, as you said ECN probably will let you get around these by defining these at ECN types for each exception and then encode it yourself. One only need to change the definition to ECN definition and write the encodings. Thanks for the replies. I am glad I asked. Best Regards, Behdad -----Original Message----- From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Guy Harris Sent: Thursday, February 19, 2009 5:50 PM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Dissector Generator On Feb 19, 2009, at 2:41 PM, Gerald Combs wrote: > Behdad Forghani wrote: >> I am thinking of developing a notation along with code generator and >> Eclipse integration to specify protocol PDUs and then generate >> Wireshark >> dissectors automatically, thus reducing the time to hand code >> dissectors >> and errors. Before, I do that, I wanted to make sure that I am not >> reinventing the wheel. Does such a tool already exist for non ASN.1 >> protocol messages? > > You might want to take a look at the NetPDL and TSN.1 notations: > > http://www.nbee.org/doku.php?id=netpdl:index > http://www.protomatics.com/tsn1.html Others have suggested the BinPAC language used by the Bro IDE: http://bro-ids.org/wiki/index.php/BinPAC and I think Scapy was mentioned in this context (or maybe I stumbled across it): http://www.secdev.org/projects/scapy/ and somebody's worked on some code to do this with their own language: http://wsgd.free.fr/ or, heck, maybe use ASN.1 - ASN.1 isn't a protocol; the "A" stands for "Abstract", so it's a way to describe the "abstract syntax" of protocols, and you have to add the encoding rules to see what that turns into as a sequence of octets, and there's an Encoding Control Notation: http://en.wikipedia.org/wiki/Encoding_Control_Notation to let you specify non-standard encodings. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe