Wireshark-dev: Re: [Wireshark-dev] Fastest and the Legal way to distribute CustomDissectors
From: "Anders Broman" <[email protected]>
Date: Tue, 11 Aug 2009 08:48:07 +0200



Från: [email protected] [mailto:[email protected]] För Ian Schorr
Skickat: den 11 augusti 2009 04:11
Till: Developer support list for Wireshark
Ämne: Re: [Wireshark-dev] Fastest and the Legal way to distribute CustomDissectors


>#3 is probably the "best" if you're willing to share the source and think the code would be of use to others.
>- Less work for you in the long run. 
 > - Each time a new release of Wireshark comes out with changes that you want, you'd need to release a newer >version of your "custom" Wireshark.  Or if you don't do this, would complicate things for users that are frequent >Wireshark users and DO want a version installed with the latest changes.
 > - Periodically changes are made that affect ALL (or a large number) of dissectors.  If that happens someone else >would most likely update your dissector so it continues to function.  Without checking in, you'll need to figure out why >your dissector doesn't compile anymore with newer releases.
>- Your changes will be reviewed by someone who knows more about Wireshark than you do.  If you've done >something badly (that will potentially cause crashes, weird errors, will cause you headaches in the long run) you have a >good chance of getting feedback to help with this.
>- You have contributed back to the community, which is kind of a major point of this project.
>- Once your code is checked in you can just direct people to download the latest Wireshark instead of your own >private version. (though initially you may have to just distribute a custom build - though you can generate one >automatically here using the buildbot)

>- As you say, may take longer overall to push changes to Wireshark - possibly especially a problem if you expect >them to be updated frequently. 
>People here tend to be fairly responsive, and won't waste your time.  But if you've written something badly, you >probably will be forced to rewrite it (which may slow you down in the short term, but be good in the long term)


>#2 is a mixed bag.  Distributing code as plugins are probably more "legal" if you weren't willing/allowed to distribute >the sources, but that's not a problem for you. 
However, plugins tend to be problematic to maintain.
>There tend to be frequent changes in Wireshark that will break existing plugins (so you'd potentially end up having to >compile a plugin for each version of Wireshark that you want your dissectors to be compatible with), and a lot of the >maintainers here aren't exactly a fan of them.  Don't expect a lot of support on getting them to work.  I'd probably >stick with either #1 if this is just some really simple project and you're going to be distributing to a few people for >limited use, or #3 if you want to do things "right" and save yourself work in the long run.


Why not go for #1 AND #3?

Make a bug report with your dissector(s) and while waiting for review/commit distribute a

Custom version.