Wireshark-dev: Re: [Wireshark-dev] Dissector Generator

On Feb 19, 2009, at 2:41 PM, Gerald Combs wrote:

Behdad Forghani wrote:
I am thinking of developing a notation along with code generator and
Eclipse integration to specify protocol PDUs and then generate Wireshark
dissectors automatically, thus reducing the time to hand code dissectors
and errors. Before I do that, I wanted to make sure that I am not
reinventing the wheel. Does such a tool already exist for non-ASN.1
protocol messages?

You might want to take a look at the NetPDL and TSN.1 notations:


Others have suggested the BinPAC language used by the Bro IDE:


and I think Scapy was mentioned in this context (or maybe I stumbled across it):


and somebody's worked on some code to do this with their own language:


or, heck, maybe use ASN.1 - ASN.1 isn't a protocol; the "A" stands for "Abstract", so it's a way to describe the "abstract syntax" of protocols, and you have to add the encoding rules to see what that turns into as a sequence of octets, and there's an Encoding Control Notation:


to let you specify non-standard encodings.
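
The distinction drawn above between an abstract syntax and its encoding rules, as an added example that is not part of the original message: one value of a hypothetical `Ping` message is turned into octets under DER and under a constructed fixed-width layout, and both decode back to the same abstract value. The message definition, field names and sample value are assumptions made for illustration.

```python
# Abstract syntax (constructed, hypothetical), in ASN.1 terms:
#   Ping ::= SEQUENCE { seq INTEGER (0..65535), ttl INTEGER (0..255) }
FIELDS = [("seq", 2), ("ttl", 1)]  # (name, octet width in the packed layout)
SAMPLE = {"seq": 300, "ttl": 64}   # constructed sample value

def der_integer(value):
    """DER INTEGER: tag 0x02, short-form length, minimal two's complement."""
    magnitude = value if value >= 0 else ~value
    body = value.to_bytes(magnitude.bit_length() // 8 + 1, "big", signed=True)
    return bytes([0x02, len(body)]) + body

def encode_der(msg):
    """Encoding rules #1: DER tag-length-value, SEQUENCE tag 0x30."""
    body = b"".join(der_integer(msg[name]) for name, _ in FIELDS)
    return bytes([0x30, len(body)]) + body

def encode_packed(msg):
    """Encoding rules #2: fixed-width big-endian fields, no tags or lengths."""
    return b"".join(msg[n].to_bytes(w, "big") for n, w in FIELDS)

def decode_der(data):
    """Parse the short-form DER produced above, rejecting malformed input."""
    if len(data) < 2 or data[0] != 0x30 or data[1] > 0x7F or data[1] != len(data) - 2:
        raise ValueError("not a short-form DER SEQUENCE of the stated length")
    msg, pos = {}, 2
    for name, _ in FIELDS:
        if pos + 2 > len(data) or data[pos] != 0x02 or data[pos + 1] == 0:
            raise ValueError("expected a non-empty INTEGER")
        end = pos + 2 + data[pos + 1]
        if end > len(data):
            raise ValueError("INTEGER length runs past the SEQUENCE")
        msg[name] = int.from_bytes(data[pos + 2:end], "big", signed=True)
        pos = end
    if pos != len(data):
        raise ValueError("trailing octets after the last field")
    return msg

def decode_packed(data):
    """Parse the fixed-width layout; the length is the only self-check it has."""
    if len(data) != sum(w for _, w in FIELDS):
        raise ValueError("packed Ping must be exactly 3 octets")
    msg, pos = {}, 0
    for name, width in FIELDS:
        msg[name] = int.from_bytes(data[pos:pos + width], "big")
        pos += width
    return msg

if __name__ == "__main__":
    print(encode_der(SAMPLE).hex(), encode_packed(SAMPLE).hex())
```

A dissector written for one set of encoding rules cannot read the other's octets, even though the abstract description of the message is identical.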