Hi, I have a proprietary, stream-oriented transport protocol, typically used on serial links, which is difficult to "parse" by hand. The protocol has port numbers, flags and sequence numbers (similar to TCP). For TCP, Wireshark offers lovely ways to view, analyze and evaluate traffic. I would like to have the same for my serial protocol.
Is Wireshark suited to view, analyze and evaluate such a proprietary protocol? I took a look at the documentation and read about dissectors. As far as I understand, they could essentially be implemented in C, Python or Lua, is that right? I'd guess a scripting language is more comfortable to use here, so I think I'd try to learn the basics of Python or Lua to write some frame decoder. Also, I think a small script file would be easier to pass around (without having to recompile/relink Wireshark). Is that true?

Since my protocol usually is not used on top of TCP (but plain serial lines), I think I'd start with text2pcap with serial hex dumps, but as far as I understood the resulting pcap file is expected to include Ethernet frames, so I'd have a difficulty here?

Any comments appreciated,
Steffen
___________________________________________________________________________
Sent via: Wireshark-dev mailing list
Archives: http://www.wireshark.org/lists/wireshark-dev
