Hi,
I've filed a "bug" in bugzilla attaching a patch that updates the edonkey
dissector.
The vanilla edonkey dissector did not decode any kademlia packet.
Kademlia packet are udp packets that recent emule/amule clients use to create a
serverless P2P network.
As the only reference for the protocol specs is the source code, the dissector
has been enhanced inspecting aMule 2.1.3 and eMule 0.48a source code.
Most kademlia1 and some kademlia2 messages are now entirely decoded by the
dissector.
See http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1897
Using this patch I already found a bug in amule networking code. I think it
could be useful also to other people.
How do the review process works?
Bye
Stefano Picerno
