I started doing some cleanup on the TRANSUM post-dissector (https://code.wireshark.org/review/19406). Included in that cleanup was removing an explicit preference to enable/disable the post-dissector (it apparently can be resource and processor intensive) because dissectors can already be enabled/disabled through the Analyze -> Enable Protocols menu. However this raised some questions about how to really classify post-dissectors (and are they really the same as "dissectors").
Sending this out to elicit feedback. I understand how they could not be considered dissectors, but should that mean they have their own menu? Somehow part of "statistics"? (I argue against that because the post-dissectors still add to the packet tree, while stats provide an additional dialog for their information.) We have 4 post-dissectors in the current source (mate, transom, snort, prp) and only mate defaults to being enabled (based on quick grep of API calls, it may be smart enough to be "disabled" if there is no configuration). However, there are probably many post-dissectors written for Lua as it seems like a good fit. (that's how TRANSUM started out)
I would still like to remove the explicit TRANSUM preference for enable/disable, as well as the explicit preferences for the other post-dissectors (would be covered in other patches). We can add them back as an "implicit" preference (something similar to what was done with the port preferences), but I still like the idea of a central place to view all enabled/disabled post-dissectors (if they are separated from "regular" dissectors).
Michael
