Wireshark · Wireshark-dev: [Wireshark-dev] Dissector for decryted content

Wireshark-dev: [Wireshark-dev] Dissector for decryted content

From: Jose Selvi <jselvi@xxxxxxxxxxxx>

Date: Wed, 21 Feb 2018 17:07:02 +0100

Hi there,

It's my first time developing a dissector, so apologize in advance if my
question is too obvious for you guys.

I'm trying to code a dissector (I'm using LUA) for a quick test. It
should match a piece of traffic inside a ESP tunnel. I have seen that
other dissectors are working inside the decrypted content, but not mine.

Browsing forums, I found this:

https://osqa-ask.wireshark.org/questions/58217/how-do-i-dissect-decrypted-ssl-data-when-im-using-a-master-secret-log

However, I can't find similar options for ESP, so I guess it only works
for SSL.

Any hint will be more than welcomed.
Cheers.

Follow-Ups:
- Re: [Wireshark-dev] Dissector for decryted content
  - From: Jeff Morriss

Prev by Date: Re: [Wireshark-dev] Windows builds seem to fail with some frequency even though the Linux builds don't!
Next by Date: Re: [Wireshark-dev] Request for ECCN (Export Control Classification Number) for WireShark
Previous by thread: [Wireshark-dev] Rappel : Can't start 2.5: Err Duplicate protocol name "DOCSIS Vendor Specific Encodings"
Next by thread: Re: [Wireshark-dev] Dissector for decryted content
Index(es):
- Date
- Thread