Table of Contents
There are a multitude of plugin options available in Wireshark that allow its its functionality to be extended without changing the source code itself. Using the available APIs gives you the means to do this.
Currently plugin APIs are available for dissectors (epan), capture file types (wiretap) and media decoders (codecs). This chapter focuses primarily on dissector plugins; most of the descriptions are applicable to the other plugin types as well.
As noted in Section 9.2.1, “Setting up the dissector”, writing a "plugin" dissector is not very different from writing a standard one. In fact all of the functions described in README.dissector can be used in the plugins exactly as they are used in standard dissectors.
If you’ve chosen "foo" as the name of your plugin (typically, that would be a short name for your protocol, in all lower case), the following instructions tell you how to implement it as a plugin. All occurrences of "foo" below should be replaced by the name of your plugin.