Wireshark-dev: Re: [Wireshark-dev] GVCP Dissector

From: Marc Petit-Huguenin <marc@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Aug 2011 10:46:15 -0700

On 08/17/2011 10:35 AM, Guy Harris wrote:
> 
> On Aug 17, 2011, at 7:58 AM, Joerg Mayer wrote:
> 
>> On Tue, Aug 16, 2011 at 11:04:30AM -0700, Mat Gara wrote:
>> 
>>> Additionally in the future we want to make this dissector easily
>>> configurable so that hardware providers could add support for dissecting
>>> their custom register reads.  To do this we want to make use of XML
>>> configuration files and hence we would need to make use of an XML parser
>>> in this dissector.
> 
> We already have XML configuration files for the DIAMETER and WiMAX ASN
> Control Plane protocols; they use Flex to scan the XML.
> 
>>> One xml parser we have been experimenting with is Expat.  What would it
>>> take to integrate Expat support into wireshark?
> 
> The first thing it requires is Expat working on all the versions of UN*X on
> which Wireshark works, as well as 32-bit and 64-bit Windows.  Given that
> their home page:
> 
> http://expat.sourceforge.net/
> 
> speaks of fixes to make it build on "HP-UX, Tru64, Solaris 9", it'll probably
> work on all the UN*Xes in question; they also mention Windows, but don't say
> anything about Win64.
> 
>> Does it really make sense to do something like this? Why not add the code
>> directly into Wireshark. For one, interpreting stuff at runtime is bad
>> performance-wise,
> 
> How much of the work is done at capture-parsing time rather than just being
> done at startup time?
> 
>> also it will be nice to have support in Wireshark for as many product
>> specific extensions as possible.
> 
> They could contribute XML files to Wireshark.

I think it would be great to have a standard XML parser available in Wireshark -
for my dissector, it would be to parse the XML document that is embedded in the
ConfigUpdate RELOAD message.

I would suggest looking at the VTD-XML[1] parser, which is extremely fast and
compact and so, in my opinion, well suited for the kind of parsing needed by
Wireshark dissectors.


[1] http://vtd-xml.sourceforge.net/

-- 
Marc Petit-Huguenin
Personal email: marc@xxxxxxxxxxxxxxxxxx
Professional email: petithug@xxxxxxx
Blog: http://blog.marc.petit-huguenin.org