
Wireshark-dev: Re: [Wireshark-dev] WSDG: "foo" protocol sample capture

From: chuck c <bubbasnmp@xxxxxxxxx>
Date: Mon, 4 Oct 2021 15:03:00 -0500
Could this be a "Dissectors 101" page on the Wiki Development page (https://gitlab.com/wireshark/wireshark/-/wikis/Development)?
Protocol "foo" is probably deserving of a mini-RFC (complete with ASCII art of the fields) and the text2pcap notes broken out as a real example of how to use it.
Links to Graham, Roland, others' SharkFest presentations on dissecting data could be added as references.

Thanks for the pcap!

On Mon, Oct 4, 2021 at 2:44 PM Maynard, Christopher via Wireshark-dev <wireshark-dev@xxxxxxxxxxxxx> wrote:
I don't know if there's ever been a companion capture file to test the sample "Foo" dissector or not, so I created one. I also created a comparable "Foo" dissector written in Lua to complement the C dissector for those who are just getting started with Lua. The Lua dissector contains many links to documentation and covers sections 9.2 through 9.4* of the WSDG, meaning that it includes:

    -> Basic dissection
    -> An example preference
    -> Expert info example
    -> Transformation of data (uncompress)

Additionally, it illustrates:
    -> Plugin info
    -> Basic BitOps usage
    -> Handoff to another dissector (the "data" dissector in this example)

The Lua dissector closely matches the equivalent C dissector, but I did make a few changes in order to pass off the data and to support decompressing the "Foo" data payload.

If this thing is of any value to anyone, I suppose I could add it to https://gitlab.com/wireshark/wireshark/-/wikis/Contrib?  In any case, have a look and see what you think.
- Chris
*I stopped at section 9.4, in other words I did not add support for reassembly, but the sample "Foo" dissector, as written, doesn't really lend itself to support reassembly, so if we wanted to illustrate that as well, then we'd first have to modify the "Foo" protocol.


From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of chuck c
Sent: Sunday, October 3, 2021 12:36 PM
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: [Wireshark-dev] WSDG: "foo" protocol sample capture

https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectAdd.html

`Let’s step through adding a basic dissector. We’ll start with the made up "foo" protocol. ...`

Has there ever been a companion capture file to test the sample dissector in the WSDG?










