Wireshark · Ethereal-dev: [Ethereal-dev] Re: New dissector: STANAG 5066

Ethereal-dev: [Ethereal-dev] Re: New dissector: STANAG 5066

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>

Date: Sat, 15 Oct 2005 18:20:59 -0400

Hi,

The dissector looks really good.

1, Do you have any sample captures of this protocol we can use for
fuzz testing and also put on the sample captures page (i assume few
people have access to an exotic protocol like this )?

2, Do you plan to add any heuristics to this protocol to verify that
it is indeed your protocol?
Probably best to add that in the dissect_..._tcp() function before
spawning it off to tcp_dissect_pdus().
This would help when there is a dissector port conflict, i.e. when
there is traffic between your well known port and the other port is
another well known port such as smtp or similar.
This allows ethereal to try both your port and the other dissector and
tell which protocol it really is.

On 10/14/05, M.P. Andriesse <menno.andriesse@xxxxxxxxxxxxx> wrote:
> Oops...
>
> Actually attaching the file does work better...
>
> --
> Menno Andriesse
>
...

Follow-Ups:
- [Ethereal-dev] Re: New dissector: STANAG 5066
  - From: Menno Andriesse

References:
- [Ethereal-dev] New dissector: STANAG 5066
  - From: M.P. Andriesse

Prev by Date: Re: [Ethereal-dev] Parsing a PCAP file
Next by Date: [Ethereal-dev] buildbot failure in Fedora Core 4 (IA32)
Previous by thread: [Ethereal-dev] New dissector: STANAG 5066
Next by thread: [Ethereal-dev] Re: New dissector: STANAG 5066
Index(es):
- Date
- Thread