I don't know if there's ever been a companion capture file to test the sample "Foo" dissector or not, so I created one. I also created a comparable "Foo" dissector written in Lua to complement the C dissector for those who are just getting started with Lua. The Lua dissector contains many links to documentation and covers sections 9.2 through 9.4* of the WSDG, meaning that it includes:
-> Basic dissection
-> An example preference
-> Expert info example
-> Transformation of data (uncompress)
Additionally, it illustrates:
-> Plugin info
-> Basic BitOps usage
-> Handoff to another dissector (the "data" dissector in this example)
The Lua dissector closely matches the equivalent C dissector, but I did make a few changes in order to pass off the data and to support decompressing the "Foo" data payload.
If this thing is of any value to anyone, I suppose I could add it to https://gitlab.com/wireshark/wireshark/-/wikis/Contrib? In any case, have a look and see what you think.
- Chris
*I stopped at section 9.4, in other words I did not add support for reassembly, but the sample "Foo" dissector, as written, doesn't really lend itself to support reassembly, so if we wanted to illustrate that as well, then we'd first have to modify the "Foo" protocol.
From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of chuck c
Sent: Sunday, October 3, 2021 12:36 PM
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: [Wireshark-dev] WSDG: "foo" protocol sample capture
https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html
`Let’s step through adding a basic dissector. We’ll start with the made up "foo" protocol. ...`
Has there ever been a companion capture file to test the sample dissector in the WSDG?
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
Attachment:
foo.pcap
Description: foo.pcap
0000 01 01 00 00 c0 00 02 01
0000 03 04 00 01 c0 00 02 01 48 65 6c 6c 6f 20 57 6f
0010 72 6c 64 21
0000 03 08 00 01 c0 00 02 01 1f 8b 08 00 00 00 00 00
0010 02 03 4d 51 41 4e c4 30 0c fc 8a 6f 80 c4 ae c4
0020 8d 3d 73 40 bc 60 cf 6e e2 b6 de 4d ed ca 71 bb
0030 94 d7 e3 74 01 71 8a 32 f1 8c 67 26 67 36 aa 23
0040 da 15 b8 82 8f 04 37 b5 92 1f 2a f4 6a 34 69 75
0050 40 c9 70 e3 4c 65 3b 2c 95 32 08 79 cc 5c 61 36
0060 75 4d 5a 62 00 cb f6 45 76 84 0f 87 42 5e 61 d3
0070 05 2a 85 d6 88 1e 52 23 ce 33 09 cb 00 2a ed cd
0080 fe 34 30 e4 61 e2 64 5a 93 ce 9c 82 be 52 d9 57
0090 fe d8 c9 04 3d 26 57 78 6c a0 f6 4e d2 b0 cb 62
00a0 f4 04 d5 03 44 cb 80 4d a1 c2 84 b2 41 d2 69 22
00b0 4b 8c 77 1d 51 39 84 d5 9e 1d 48 9c 6c 36 ae 54
00c0 9f 61 d0 95 4c a6 c0 00 07 92 c4 0d 6c 04 ca 4b
00d0 42 67 8d 54 c0 52 9d 7d 69 b7 7a 84 f3 5f 57 b9
00e0 d9 d4 79 67 fb 68 bc 52 73 8b 72 8d 43 77 df ab
00f0 96 25 d6 91 85 1f 71 e3 ee 2e 12 09 7e c3 b7 3e
0100 e8 73 26 8b c2 d0 74 89 d5 8d 38 14 ed e8 7f 03
0110 8d cf b2 ec 96 1a 1d 5b f3 17 4a de e2 9b c7 8f
0120 74 1b bc 93 61 c9 f0 a6 53 57 c3 35 bc 9c 4e af
0130 c7 6f 79 2e 36 a0 dc 01 00 00
0000 02 06 00 02 c0 00 02 01
Attachment:
foo.lua
Description: foo.lua
