Could this be a "Dissectors 101" page on the Wiki Development page ( https://gitlab.com/wireshark/wireshark/-/wikis/Development)? Protocol "foo" is probably deserving of a mini-RFC (complete with Ascii art of the fields) and the text2pcap notes broken out as a real example of how to use it. Links to Graham, Roland, others? sharkfest presentations on dissecting data could be added as references.
Thanks for the pcap! On Mon, Oct 4, 2021 at 2:44 PM Maynard, Christopher via Wireshark-dev < wireshark-dev@wireshark.org> wrote: > I don't know if there's ever been a companion capture file to test the > sample "Foo" dissector or not, so I created one. I also created a > comparable "Foo" dissector written in Lua to complement the C dissector for > those who are just getting started with Lua. The Lua dissector contains > many links to documentation and covers sections 9.2 through 9.4* of the > WSDG, meaning that it includes: > > -> Basic dissection > -> An example preference > -> Expert info example > -> Transformation of data (uncompress) > > Additionally, it illustrates: > -> Plugin info > -> Basic BitOps usage > -> Handoff to another dissector (the "data" dissector in this example) > > The Lua dissector closely matches the equivalent C dissector, but I did > make a few changes in order to pass off the data and to support > decompressing the "Foo" data payload. > > If this thing is of any value to anyone, I suppose I could add it to > https://gitlab.com/wireshark/wireshark/-/wikis/Contrib? In any case, > have a look and see what you think. > - Chris > *I stopped at section 9.4, in other words I did not add support for > reassembly, but the sample "Foo" dissector, as written, doesn't really lend > itself to support reassembly, so if we wanted to illustrate that as well, > then we'd first have to modify the "Foo" protocol. > > > From: Wireshark-dev <wireshark-dev-boun...@wireshark.org> On Behalf Of > chuck c > Sent: Sunday, October 3, 2021 12:36 PM > To: Developer support list for Wireshark <wireshark-dev@wireshark.org> > Subject: [Wireshark-dev] WSDG: "foo" protocol sample capture > > https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html > > `Let’s step through adding a basic dissector. We’ll start with the made up > "foo" protocol. ...` > > Has there ever been a companion capture file to test the sample dissector > in the WSDG? > > > > > > > > > > > > CONFIDENTIALITY NOTICE: This message is the property of International Game > Technology PLC and/or its subsidiaries and may contain proprietary, > confidential or trade secret information. This message is intended solely > for the use of the addressee. If you are not the intended recipient and > have received this message in error, please delete this message from your > system. Any unauthorized reading, distribution, copying, or other use of > this message or its attachments is strictly prohibited. > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
