Wireshark-dev: Re: [Wireshark-dev] Generic Dissector

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Mon, 1 Dec 2008 21:44:35 -0800

On Nov 12, 2008, at 12:10 PM, wsgd wrote:

If you are interested, tell me.

It's definitely interesting, but it should ultimately not be a dissector - it should be a mechanism built into libwireshark, so that it's a standard feature of Wireshark and TShark.

The code to read and interpret those files should be in libwireshark, and, when Wireshark or TShark start up, they should scan a subdirectory of the Wireshark data directory, reading in the dissector files (for example, it should look for all .fdesc files and, for each file, try to open that file and the corresponding .wsgd file and read them).

The dissector_handle structure defined in epan/packet.h would have the "is_new" Boolean replaced by an enumerated type, with values for old-style compiled dissectors, new-style compiled dissectors, and interpreted dissectors; a new element in the "dissector" union would be added, which would point to a data structure that refers to all of the information read in from the .fdesc and .wsgd files.

call_dissector_work(), in epan/packet.h, would, for handles that refer to interpreted dissectors, run the interpreter.
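
The handle layout and dispatch proposed in the message above, as a simplified C sketch added here for illustration; it is not code from the post or from Wireshark. All type and function names (handle_t, call_work, run_interpreter, interp_desc_t, demo) are hypothetical, the interpreter is a stand-in that only checks a header length, and the old-style branch assumes such a dissector consumes the whole packet.

```c
#include <stddef.h>

/* Simplified model; every name below is hypothetical, not Wireshark's API. */
typedef struct { const unsigned char *data; size_t len; } pkt_t;
typedef void (*old_fn_t)(const pkt_t *);   /* old style: returns nothing */
typedef int  (*new_fn_t)(const pkt_t *);   /* new style: bytes consumed, 0 = rejected */
/* Stand-in for the information read from one .fdesc/.wsgd pair. */
typedef struct { const char *proto; size_t header_len; } interp_desc_t;

typedef enum { KIND_OLD, KIND_NEW, KIND_INTERPRETED } dissector_kind_t;

typedef struct {
    const char *name;
    dissector_kind_t kind;             /* replaces the "is_new" Boolean */
    union {
        old_fn_t old_fn;
        new_fn_t new_fn;
        const interp_desc_t *interp;   /* the added union element */
    } dissector;
} handle_t;

/* Toy interpreter: accepts a packet only if the described header fits. */
static int run_interpreter(const interp_desc_t *d, const pkt_t *p)
{
    return (d != NULL && p->len >= d->header_len) ? (int)d->header_len : 0;
}

/* Dispatch on the handle kind, the role the post gives call_dissector_work(). */
int call_work(const handle_t *h, const pkt_t *p)
{
    switch (h->kind) {
    case KIND_OLD:         h->dissector.old_fn(p); return (int)p->len;
    case KIND_NEW:         return h->dissector.new_fn(p);
    case KIND_INTERPRETED: return run_interpreter(h->dissector.interp, p);
    }
    return 0;                          /* corrupted kind: reject, call nothing */
}

static void sample_old(const pkt_t *p) { (void)p; }
static int  sample_new(const pkt_t *p) { return p->len >= 2 ? 2 : 0; }

/* Build a handle of the given kind and run it over a constructed packet. */
int demo(dissector_kind_t kind, size_t pkt_len)
{
    static const unsigned char buf[16] = {0};    /* constructed sample bytes */
    static const interp_desc_t desc = { "demo", 4 };
    pkt_t p = { buf, pkt_len };
    handle_t h = { "demo", kind, { 0 } };
    if (kind == KIND_OLD) h.dissector.old_fn = sample_old;
    else if (kind == KIND_NEW) h.dissector.new_fn = sample_new;
    else h.dissector.interp = &desc;
    return call_work(&h, &p);
}
```

Because the discriminant is an enum rather than a Boolean, a handle whose kind field holds an unexpected value falls out of the switch and is rejected instead of being treated as one of the two compiled styles.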