Wireshark-dev: Re: [Wireshark-dev] RFD: New language to write dissectors
From: Richard Sharpe <[email protected]>
Date: Sat, 14 Jul 2012 14:07:43 -0700
On Sat, Jul 14, 2012 at 8:26 AM, Jakub Zawadzki
<[email protected]> wrote:
> Hi,
>
> It'd be great if we have some abstract and pure (no C/assembly inline) language to write dissectors.
>
> We could invent yet another protocol desciption language, but I was thinking
> to base grammar on netmon NPL [1] or wsgd [2].
> I'm bigger fan of NPL (sorry Olivier), nmparsers project has got large collection of dissectors[3]
> which we could use (LLTD - bug #6071, Windows USB Port packets - bug #6520, netsh - bug #6694)
> but there might exists some legal (patents for grammar/implementation?!) issues.

It is amusing that the document "Writing a Parser from Wire to Window"
contains this:

"You can grab some HSRP sample captures from here:
http://wiki.wireshark.org/SampleCaptures. If you load one of those
files into Network Monitor (making sure to reload your parsers first),
you should now see packets labeled as HSRP with the Description
“HSRP”."

The document can be found here:

    http://nmparsers.codeplex.com/downloads/get/53465


-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)