Wireshark-dev: Re: [Wireshark-dev] What's the process to get a Zookeeper dissector packaged wit
From: Jaap Keuter <[email protected]>
Date: Thu, 25 Jan 2018 08:24:12 +0100

The Lua interface is only an extension interface; we don’t maintain a repository of Lua dissectors.
So mainlining a dissector basically means writing C code.


On 24 Jan 2018, at 23:05, Jeff Widman <[email protected]> wrote:


Someone already released a Zookeeper Lua-based dissector under MIT license:

Can it be included in core as a Lua-based dissector or should I port it to C first?

I'm also willing to do any additional work required to move this across the finish line, such as generating Bugzilla sample captures, etc.

And thanks everyone for the other tips/doc links on submitting patches to this project. I appreciate the warm welcome.


On Wed, Jan 24, 2018 at 12:43 AM, Dario Lombardo <[email protected]> wrote:
Basically you're right. If it's not included, it's because no one pushed a change for inclusion. Wireshark includes as many protocols as possible and Zookeeper would be definitively accepted.
Before starting, be sure that something doesn't exist out there: you could start from someone else's code (according to its licence, of course) and not start from scratch.
When submitting the dissector, please be sure to add sample captures for testing. To add them, just file a bug on Bugzilla with your attachments, and add a reference "Bug: XXX" in your commit message that will automatically link the Bugzilla page.

On Wed, Jan 24, 2018 at 9:12 AM, Jeff Widman <[email protected]> wrote:
How do I get a dissector for Zookeeper's protocol included by default in Wireshark?

I searched but couldn't find anything about what's required to "promote" a dissector to be packaged with Wireshark...

I assume it's more than just code, that there's some process for deciding whether a protocol is popular enough that a dissector for it could be included in core.

Zookeeper is an open-source database for reliably storing metadata. Many popular open-source distributed systems rely heavily on it, including Kafka, Hadoop, Druid, etc. 

Given this popularity, I suspect the only reason it's not bundled into Wireshark is no one has had the time to write it, but wanted to confirm before I start hacking on it.