Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] RFD: New language to write dissectors

From: Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx>
Date: Tue, 24 Jul 2012 22:23:03 +0200
On Tue, Jul 24, 2012 at 09:40:36AM -0400, Jeff Morriss wrote:
> On 07/14/2012 06:31 PM, Guy Harris wrote:
> >
> > On Jul 14, 2012, at 8:26 AM, Jakub Zawadzki wrote:
> >
> >> It'd be great if we have some abstract and pure (no C/assembly inline) language to write dissectors.
> 
> [...]
> 
> > On the other hand, it might also allow protocol descriptions to be
> > shipped either in source form or binary form with restrictions on
> > redistribution, providing a way to "get around the GPL" for protocols.
> > Some might consider that a feature (I seem to remember many years ago
> > Cisco raised this issue about some protocols) and others might consider
> > it a bug. If we end up with a consensus of "it's a bug", we might be
> > able to extend the protections of the GPL to dissector descriptions fed
> > to the interpreter, so that if you make a "compiled" protocol
> > description available, you must also make the source available to
> > recipients and must give recipients the right to redistribute the source
> > or binaries.
> 
> I'd tend to think that would be a bug.
> 
> This reminds me of the struggles I've had recently getting people to 
> contribute their diameter.xml changes to Wireshark.  They're able to 
> just add the stuff they need and they don't change versions (or 
> computers) often enough to care so they haven't felt the need to get the 
> changes in.
> 
> Having an editable XML file is great for local modifications but it does 
> lower the "urge" to get the changes checked into the Wireshark trunk. 
> Lowering the barrier to adding dissectors would likely have a similar 
> effect.  

The same situation is possible now with plugins.

I think the main reason why user don't want to contribute, is because it's complicated.
User need to create account, verify his mail, attach dissector sources, fix code, 
answer comments, fix code (again), etc, etc...

But if we have some language, which is easy to write dissector, easy to check (does it parse?),
and easy to maintaince. We can have 'upload your dissector' on main page. 
User need to upload just two files - sources and sample capture file.

> And I think part of what has made Wireshark great (from a 
> user's perspective) is that it supports so many protocols out of the 
> box; it supports so many protocols because it's easy to write them and 
> get them included in Wireshark's repository.

>From my perspective: I really use ~ 20 dissectors, why I need all of them?

Cheers,
 Jakub.