Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] [Wireshark] Data bit by bit

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Wed, 22 Apr 2009 01:07:23 -0700

On Apr 22, 2009, at 12:25 AM, POINTEAU Remy wrote:

This project should allow Wireshark to dissect packets whose format is defined by an XML file.

I.e., you want a mechanism by which Wireshark can have dissectors that aren't implemented as compiled C code.

Therefore...

For the moment, I parse the XML file, I extract the information and I create the treeview. Now, I need to get the frame and dissect it with my XML.

...you would have a way in which, instead of the dissector handoff calling a dissector procedure, it'd call your code, which would use the parsed XML to control what to do. Your code would be handed a tvbuff containing the payload for your protocol (not the entire frame, just the payload for your protocol). You should then fetch individual values from the protocol, under the control of the parsed XML, using the existing tvb_get_ routines, or perhaps just the proto_tree_add_item() routine.