Microsoft Network Monitor [1] also uses a kind of packet description language. And a lot of such scripts are shipped with the binary.
Perhaps you can take a look at it too.

[1] http://blogs.technet.com/netmon/

On Wed, Apr 22, 2009 at 4:23 PM, POINTEAU Remy <[email protected]> wrote:

> Thank you for your help, I will try this way. I'll come back later if I've
> got problems.
>
> Thank you.
>
> Rémy
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] on behalf of Guy Harris
> Sent: Wednesday, April 22, 2009 10:07
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] [Wireshark] Data bit by bit
>
>
>
> On Apr 22, 2009, at 12:25 AM, POINTEAU Remy wrote:
>
> > This project should allow Wireshark to dissect packets whose format
> > is defined by an XML file.
>
> I.e., you want a mechanism by which Wireshark can have dissectors that
> aren't implemented as compiled C code.
>
> Therefore...
>
> > For the moment, I parse the XML file, I extract the information and
> > I create the treeview. Now, I need to get the frame and dissect it
> > with my XML.
>
> ...you would have a way in which, instead of the dissector handoff
> calling a dissector procedure, it'd call your code, which would use
> the parsed XML to control what to do. Your code would be handed a
> tvbuff containing the payload for your protocol (not the entire frame,
> just the payload for your protocol). You should then fetch individual
> values from the protocol, under the control of the parsed XML, using
> the existing tvb_get_ routines, or perhaps just the
> proto_tree_add_item() routine.
> ___________________________________________________________________________
> Sent via: Wireshark-dev mailing list <[email protected]>
> Archives: http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> mailto:[email protected]?subject=unsubscribe
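The descriptor-driven approach discussed in this thread, as an added example that is not code from the thread or from Wireshark: a table of bit-level field descriptions (standing in for the parsed XML) controls what is read from the protocol payload, and every read is bounds-checked because both the description and the packet are untrusted input. It is plain C with no Wireshark API; `field_desc`, `get_bits`, `dissect` and the sample data are hypothetical names and constructed values, and in a real dissector the tvbuff routines would take the place of `get_bits`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical descriptor: one field as it might be parsed from the XML file. */
typedef struct {
    const char *name;
    uint32_t bit_offset;  /* from the start of the protocol payload */
    uint8_t bit_length;   /* 1..32 */
} field_desc;

/* Read bit_length bits, MSB first. Returns -1 if the descriptor is invalid or
 * reaches past the end of the payload; *out is untouched in that case. */
int get_bits(const uint8_t *buf, size_t len, uint32_t bit_offset,
             uint8_t bit_length, uint32_t *out)
{
    uint64_t end = (uint64_t)bit_offset + bit_length;  /* cannot wrap in 64 bits */
    uint32_t v = 0;
    if (bit_length == 0 || bit_length > 32 || end > (uint64_t)len * 8)
        return -1;
    for (uint64_t b = bit_offset; b < end; b++)
        v = (v << 1) | ((buf[b / 8] >> (7 - (b % 8))) & 1u);
    *out = v;
    return 0;
}

/* Decode fields in table order and stop at the first one that does not fit.
 * Returns the number of fields decoded into values[]. */
size_t dissect(const uint8_t *payload, size_t len, const field_desc *fields,
               size_t n, uint32_t *values)
{
    size_t i = 0;
    while (i < n && get_bits(payload, len, fields[i].bit_offset,
                             fields[i].bit_length, &values[i]) == 0)
        i++;
    return i;
}

/* Constructed sample layout and payload, not a real protocol. */
static const field_desc SAMPLE_FIELDS[] = {
    {"version", 0, 4}, {"flags", 4, 3}, {"length", 7, 13}, {"ident", 24, 16},
};
static const uint8_t SAMPLE_PAYLOAD[] = {0x45, 0x00, 0x54, 0xBE, 0xEF};

int main(void)
{
    uint32_t v[4];
    size_t n = dissect(SAMPLE_PAYLOAD, sizeof SAMPLE_PAYLOAD, SAMPLE_FIELDS, 4, v);
    for (size_t i = 0; i < n; i++)
        printf("%s = %u\n", SAMPLE_FIELDS[i].name, (unsigned)v[i]);
    return 0;
}
```

A truncated payload makes `dissect` return fewer fields than the table holds, which is the condition a caller should report as a malformed packet.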
