Wireshark · Ethereal-dev: Re: [Ethereal-dev] Re: Ethereal Gripe

[Andreas Sikkema <ramdyne@xxxxxxxxx>]

John McDermott wrote:

> This might be tricky with tethereal.  It would be nice to have a 
> gui-based protocol analyzer builder, though, even if it were simple.  It 
> could generate the "protocol specification language", C or perl/python. 
> I was thinking of a sort of generic, basic (not BASIC) sort of tool so 
> that if someone wanted to one could build a quick and dirty decoder.

I am thinking along the lines of a very simple language (something
like a stripped version of ASN.1).

You have bits, bytes, integers, strings and the sequence in which they
appear are the way the appear in the protocol. Maybe add something
like a choice, but that would make things slightly more complicated,
but not that much I think.

PROTOCOL "MyFirstProtocol", "My very own first protocol"
REGISTER "tcp.port", 1720

INTEGER length
BYTE CHOICE packet_type
     0      setup
            BYTE thing
            STRING caller_id
     1      connect
            BYTE otherthing
            INTEGER something

This might be a little too simple (the parser might get confused
without explicit ends to things), butt his would generate something
along the lines (of the current code):

void packet_dissect_MyFirstProtocol()
{
  create new tree for protocol

  proto_tree_add_item( hf_length, ...);

  int packet_type;
  packet_type = tvb_get_uint32(...);
  proto_tree_add_item( hf_packet_type, ...);

  create new tvb

  switch( packet_type )
  {
    case 0:
      dissect_setup();
    break;
    case 1:
      dissect_connect();
    break;
  }
}


-- 
Andreas Sikkema