Wireshark · Ethereal-dev: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data

Ethereal-dev: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Richard Sharpe <rsharpe@xxxxxxxxxxxxxxxxx>

Date: Thu, 3 Jul 2003 14:00:27 -0700 (PDT)

On Thu, 3 Jul 2003, Richard Sharpe wrote:

> > How is that better than just saying:
> > 
> > type=SMB,data="..."?  Why do you need to know what wasn't there above SMB?
> > 
> > Or are you thinking of being able to have IP + SMB but no TCP?  (Which 
> > seems really complicated to me.)
> 
> No, I was thinking of how a tool like Ethereal would be able to figure out 
> how to dissect the PDUs in a packet that simply contained SMB PDUs.
> 
> It seems that we have two alternatives:
> 
>   1. Unique protocol IDs for each and every protocol
> 
>   2. Some sort of path to the protocol.
> 
> Perhaps there are other approaches that I have not though of.

OK, so there is also:

    3. DecodeAs.

Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

References:
- Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data
  - From: Richard Sharpe

Prev by Date: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data
Next by Date: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data
Previous by thread: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data
Next by thread: Re: [Ethereal-dev] Support for pure protocol packetswithout underlying protocol data
Index(es):
- Date
- Thread