On Wed, Feb 21, 2018 at 11:07 AM, Jose Selvi <[email protected]> wrote:
> Hi there, > > It's my first time developing a dissector, so apologize in advance if my > question is too obvious for you guys. > > I'm trying to code a dissector (I'm using LUA) for a quick test. It > should match a piece of traffic inside a ESP tunnel. I have seen that > other dissectors are working inside the decrypted content, but not mine. > > Browsing forums, I found this: > > https://osqa-ask.wireshark.org/questions/58217/how-do-i- > dissect-decrypted-ssl-data-when-im-using-a-master-secret-log > > However, I can't find similar options for ESP, so I guess it only works > for SSL. > Actually I think the same principle applies for IPSEC/ESP traffic: I think you'd need to register your dissector in the `ip.proto` dissector table.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
