Ethereal-dev: Re: [Ethereal-dev] Re: Ethereal Gripe

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ashok Narayanan <ashokn@xxxxxxxxx>
Date: Wed, 20 Aug 2003 16:58:27 -0400

That's a little tough; freeform protocols are somewhat harder to deal
with. 

A lot of IETF protocols are going to this "TLV" type of message like
used in RSVP. The message is a series of objects; each object has a
type, a subtype, and a length (not necessarily in that order). Each
object has a separate definition. 

Maybe some sort of XML parser that describes these objects, and the
header? I was thinking about it some time back but gave up due to lack
of time. Maybe I (or somebody) can dig up this chestnut again...

-Ashok

On Wed, Aug 20, 2003 at 10:45:55PM +0200, Andreas Sikkema wrote:
> 
> John McDermott wrote:
> 
> > This might be tricky with tethereal.  It would be nice to have a 
> > gui-based protocol analyzer builder, though, even if it were simple.  It 
> > could generate the "protocol specification language", C or perl/python. 
> > I was thinking of a sort of generic, basic (not BASIC) sort of tool so 
> > that if someone wanted to one could build a quick and dirty decoder.
> 
> I am thinking along the lines of a very simple language (something
> like a stripped version of ASN.1).
> 
> You have bits, bytes, integers, strings and the sequence in which they
> appear are the way they appear in the protocol. Maybe add something
> like a choice, but that would make things slightly more complicated,
> but not that much I think.
> 
> PROTOCOL "MyFirstProtocol", "My very own first protocol"
> REGISTER "tcp.port", 1720
> 
> INTEGER length
> BYTE CHOICE packet_type
>      0      setup
>             BYTE thing
>             STRING caller_id
>      1      connect
>             BYTE otherthing
>             INTEGER something
> 
> This might be a little too simple (the parser might get confused
> without explicit ends to things), but this would generate something
> along the lines (of the current code):
> 
> void packet_dissect_MyFirstProtocol()
> {
>   create new tree for protocol
> 
>   proto_tree_add_item( hf_length, ...);
> 
>   int packet_type;
>   packet_type = tvb_get_uint32(...);
>   proto_tree_add_item( hf_packet_type, ...);
> 
>   create new tvb
> 
>   switch( packet_type )
>   {
>     case 0:
>       dissect_setup();
>     break;
>     case 1:
>       dissect_connect();
>     break;
>   }
> }
> 
> 
> -- 
> Andreas Sikkema

-- 
--- Asok the Intern ----------------------------------------
Ashok Narayanan
IOS Network Protocols, Cisco Systems
1414 Mass Ave, Boxborough MA 01719
Ph: 978-936-1608.  Fax: 978-936-2218 (Attn: Ashok Narayanan)
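
The table-driven "TLV" decoding discussed in this thread, as an added example that is not part of the original messages or of Ethereal's code: a walker whose per-object definitions live in a table, with the length checks a dissector needs before trusting an attacker-controlled length field. It assumes the RSVP object header from RFC 2205 (16-bit length covering the whole object, then Class-Num and C-Type); `obj_def`, `walk_objects` and the `TLV_*` codes are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One row per object kind: each object's "separate definition". */
struct obj_def { uint8_t class_num, c_type; const char *name; size_t min_body; };

/* Two object kinds as laid out in RFC 2205; new kinds extend the table only. */
static const struct obj_def defs[] = {
    { 1, 1, "SESSION (IPv4)", 8 },
    { 5, 1, "TIME_VALUES",    4 },
};

enum { TLV_TRUNCATED = -1, TLV_BAD_LENGTH = -2, TLV_TOO_SHORT = -3 };

/* Returns the number of objects walked, or a negative TLV_* error. */
int walk_objects(const uint8_t *buf, size_t len, int verbose)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        if (len - off < 4) return TLV_TRUNCATED;          /* header cut off */
        size_t olen = ((size_t)buf[off] << 8) | buf[off + 1];
        uint8_t cls = buf[off + 2], ctype = buf[off + 3];
        /* A length of 0 would never advance 'off': reject, do not loop. */
        if (olen < 4 || olen % 4) return TLV_BAD_LENGTH;
        /* Compare against remaining bytes; 'off + olen' is never computed first. */
        if (olen > len - off) return TLV_TRUNCATED;
        const struct obj_def *d = NULL;
        for (size_t i = 0; i < sizeof defs / sizeof defs[0]; i++)
            if (defs[i].class_num == cls && defs[i].c_type == ctype) d = &defs[i];
        if (d && olen - 4 < d->min_body) return TLV_TOO_SHORT;
        if (verbose)
            printf("off=%zu len=%zu %s\n", off, olen, d ? d->name : "unknown, skipped");
        off += olen;                                      /* unknown kinds are skipped by length */
        count++;
    }
    return count;
}

/* Constructed sample inputs (not captured traffic). */
static const uint8_t good[]      = { 0,12, 1,1, 10,0,0,1, 17,0, 0x13,0x88,
                                     0,8,  5,1, 0,0,0x75,0x30 };
static const uint8_t zero_len[]  = { 0,0,  1,1 };
static const uint8_t overrun[]   = { 0,64, 1,1, 10,0,0,1 };
static const uint8_t too_short[] = { 0,8,  1,1, 10,0,0,1 };

int main(void)
{
    printf("good=%d\n", walk_objects(good, sizeof good, 1));
    printf("zero_len=%d overrun=%d too_short=%d\n",
           walk_objects(zero_len, sizeof zero_len, 0),
           walk_objects(overrun, sizeof overrun, 0),
           walk_objects(too_short, sizeof too_short, 0));
    return 0;
}
```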