Wireshark-dev: Re: [Wireshark-dev] eDonkey dissector update
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
Date: Wed, 10 Oct 2007 15:50:46 -0400
> How do the review process works? That's pretty much it. By the way, since you seem to be an edonkey/emule expert, maybe you can take a look at this bug and provide an appropriate patch for the edonkey dissector: http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1802. The bug has to do with the inconsistent display filter field naming conventions used. The rule is to prefix all display filter fields with the PROTOABBREV, in this case, "edonkey.". - Chris -----Original Message----- From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Stefano Picerno Sent: Wednesday, October 10, 2007 3:25 PM To: wireshark-dev@xxxxxxxxxxxxx Subject: [Wireshark-dev] eDonkey dissector update Hi, I've filed a "bug" in bugzilla attaching a patch that updates the edonkey dissector. The vanilla edonkey dissector did not decode any kademlia packet. Kademlia packet are udp packets that recent emule/amule clients use to create a serverless P2P network. As the only reference for the protocol specs is the source code, the dissector has been enhanced inspecting aMule 2.1.3 and eMule 0.48a source code. Most kademlia1 and some kademlia2 messages are now entirely decoded by the dissector. See http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1897 Using this patch I already found a bug in amule networking code. I think it could be useful also to other people. How do the review process works? Bye Stefano Picerno _______________________________________________ Wireshark-dev mailing list Wireshark-dev@xxxxxxxxxxxxx http://www.wireshark.org/mailman/listinfo/wireshark-dev ----------------------------------------- This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, retention, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. Also, email is susceptible to data corruption, interception, tampering, unauthorized amendment and viruses. We only send and receive emails on the basis that we are not liable for any such corruption, interception, tampering, amendment or viruses or any consequence thereof.
- References:
- [Wireshark-dev] eDonkey dissector update
- From: Stefano Picerno
- [Wireshark-dev] eDonkey dissector update
- Prev by Date: [Wireshark-dev] eDonkey dissector update
- Next by Date: [Wireshark-dev] FTAM ASN.1 copyright
- Previous by thread: [Wireshark-dev] eDonkey dissector update
- Next by thread: [Wireshark-dev] FTAM ASN.1 copyright
- Index(es):
- Get Wireshark
- Download
- Code of Conduct