Wireshark-dev: [Wireshark-dev] Dissecting a specific layer (the application layer)
From: Michael <[email protected]>
Date: Wed, 30 Aug 2006 15:11:46 +0200

For a project, I need to be able to dissect an application stream, of say, http. So I have e.g. the http-request (*not* the headers of the underlying protocols), and I would like to be able to dissect this request into a tree (which I imagine the dissect_http function would create). This requires a different entry in the dissection mechanism (different than providing a fully headered packet using a capture file as is normally done).
I can imagine this is done before, but I can't find it. If not, would 
this be possible in your opinion? Or can someone give me a hint how to 
start. The problem is that the complexity of (t)ethereal/wireshark makes 
it difficult to now where to start. Maybe a very simple example of a 
program which dissects a packet (then i could be able to find out how to 
hack it into my preference). Tethereal is already quite complex for me...