Wireshark · Wireshark-dev: [Wireshark-dev] [RFC] Vendor-specific dissector extension for EtherNet/IP

Wireshark-dev: [Wireshark-dev] [RFC] Vendor-specific dissector extension for EtherNet/IP

From: Samuel Groot <groot.samuel@xxxxxxxxx>

Date: Tue, 29 Aug 2017 15:38:17 +0200

Hi,

I am considering writing a chained dissector in lua to support somevendor-specific classes, services and attributes for EtherNet/IP.

After digging around on google or ask.wireshark.org, I couldn't findanything that would fit my needs (except this[1], but it's more than 10years old), so I'm coming to you to have maybe some advice.

Vendor-specifics in EtherNet/IP are particular in the sense that we needto rewrite certain things in the tree and only re-parse certain things.

Is it the correct way to do it, or do I have to patchepan/dissectors/packet-cip.c and rebuild wireshark entirely?


Regards,
Sam Groot


[1] https://www.wireshark.org/lists/ethereal-dev/200601/msg00174.html

Follow-Ups:
- Re: [Wireshark-dev] [RFC] Vendor-specific dissector extension for EtherNet/IP
  - From: Michael Mann

Prev by Date: [Wireshark-dev] Idea about Adding extra functionality in wireshark.
Next by Date: Re: [Wireshark-dev] Adding pcap-ng pipe support to dumpcap
Previous by thread: Re: [Wireshark-dev] Idea about Adding extra functionality in wireshark.
Next by thread: Re: [Wireshark-dev] [RFC] Vendor-specific dissector extension for EtherNet/IP
Index(es):
- Date
- Thread