Wireshark · Ethereal-dev: [ethereal-dev] idea for a 'standard' way of handling unknown data

Ethereal-dev: [ethereal-dev] idea for a 'standard' way of handling unknown data

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Neulinger, Nathan R." <nneul@xxxxxxx>

Date: Wed, 8 Dec 1999 17:01:49 -0600

It would be nice if we could distinguish between the use of dissect_data to
actually dissect data, and the use of it to handle an unknown portion of a
packet.

What I would love to be able to do (for development purposes) is do a filter
of "unknown" and have it filter out all the packets that are deemed to be
fully and correctly decoded. 

It could be done by having a dissect_unknown() routine, or always adding a
proto_tree item for "unknown". This would allow someone to quickly see what
needs work. Things like unknown subprotocols, unknown ipx sockets (outside
the dynamic ranges of course), etc. Just a thought.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@xxxxxxx
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216

Prev by Date: [ethereal-dev] plugins+gryphon
Next by Date: Re: [ethereal-dev] wiretap request - if it's not too much trouble
Previous by thread: [ethereal-dev] plugins+gryphon
Next by thread: Re: [ethereal-dev] idea for a 'standard' way of handling unknown data
Index(es):
- Date
- Thread