Wireshark-dev: Re: [Wireshark-dev] heuristic Dissector for Dummies

From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
Date: Mon, 8 Sep 2008 10:56:34 -0400
Nice job Ulf.  Attached is a small patch with minor formatting changes
and a few XXX's filled in with some additional information.

I do have one more question/thought about heuristic dissectors as it
pertains to TCP heuristic dissectors though.  Should the
README.heuristic examples be changed to make use of tcp_dissect_pdus()
for TCP-based heuristic dissectors?  In fact, should existing Wireshark
dissectors that currently simply register as TCP heuristic dissectors be
modified so they can take advantage of TCP reassembly?  A quick grep of
epan/dissectors/packet-*.c yields 41 such dissectors.

- Chris

> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> bounces@xxxxxxxxxxxxx] On Behalf Of Ulf Lamping
> Sent: Saturday, September 06, 2008 7:35 AM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] heuristic Dissector for Dummies
> 
> Hi Chris!
> 
> I've just compiled doc/README.heuristic, containing my intro text and
> your code snippet - plus a little bit of editing.
> 
> 
> @all: Feel free to have a look and send improvements ... or even better
> patches ;-)
> 
> Hope this helps,
> 
> Regards, ULFL

Attachment: README_heuristic.patch
Description: README_heuristic.patch