Wireshark-dev: Re: [Wireshark-dev] pointer in the right direction
From: Jeff Morriss <[email protected]>
Date: Fri, 25 Jan 2008 12:31:20 -0500

Filip Hanik - Dev Lists wrote:
> We have a messaging framework that uses both UDP and TCP (and a proprietary binary protocol on top of those). Is there a way for me to write, and contribute, a plugin to Wireshark that would read that protocol and display some useful info to the user when analyzing the capture file?
> Could you point me in the right direction, such as documentation, current plugins or examples?

That's what Wireshark is designed to do and there are literally hundreds 
of dissectors which goes to show it's not too hard to create new dissectors.
I'd suggest starting with README.developer (in the doc/ directory in the 
source).  There are lots and lots of examples in 
epan/dissectors/packet-*.c .