Wireshark-dev: [Wireshark-dev] eDonkey dissector update
From: Stefano Picerno <[email protected]>
Date: Wed, 10 Oct 2007 19:25:18 +0000 (UTC)
Hi,
  I've filed a "bug" in bugzilla attaching a patch that updates the edonkey
dissector.

The vanilla edonkey dissector did not decode any kademlia packet.
Kademlia packet are udp packets that recent emule/amule clients use to create a
serverless P2P network.

As the only reference for the protocol specs is the source code, the dissector
has been enhanced inspecting aMule 2.1.3 and eMule 0.48a source code.

Most kademlia1 and some kademlia2 messages are now entirely decoded by the
dissector.

See http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1897

Using this patch I already found a bug in amule networking code. I think it
could be useful also to other people.

How do the review process works?

Bye
 Stefano Picerno