Wireshark-dev: Re: [Wireshark-dev] Syncthing protocol dissector

From: Richard Sharpe <realrichardsharpe@xxxxxxxxx>
Date: Mon, 28 Feb 2022 13:41:38 -0800
On Mon, Feb 28, 2022 at 11:53 AM Tmore1 <tmore1@xxxxxxx> wrote:
>
> Hi,
>
> Thank you. I understand that only C dissectors are distributed with
> Wireshark - in my message, I asked whether the project would be
> interested in my reimplementing it in C.

Yes. If needed I can help you shepherd the changes into the repository.

> The Syncthing protocols are a mixture of protobufs and ordinary fields.
> I assumed that the way to write such a dissector is by writing a
> protocol specific dissector, and then calling the protobuf dissector
> with a subset of the tvb. That's what I did in Lua, and that's what I
> suppose I would do in C. Is this the right approach?

That sounds correct to me.

> On Mon, 28 Feb 2022 10:20:01 +0100
> Alexis La Goutte <alexis.lagoutte@xxxxxxxxx> wrote:
>
> > Hi Thomas,
> >
> > We don't accept Lua dissectors in the source code
> >
> > But there is now a protobuf dissector in Wireshark and I think it will not
> > be complicated to add this protocol.
> >
> > Cheers
> >
> >
> > On Sun, Feb 27, 2022 at 5:39 AM Tmore1 <tmore1@xxxxxxx> wrote:
> >
> > > Hello,
> > >
> > > Several years ago, there was some discussion on this list about a
> > > Syncthing protocol dissector:
> > >
> > > https://www.wireshark.org/lists/wireshark-dev/201811/msg00017.html
> > >
> > > AFAICT, there still doesn't seem to be one. I'm new to Wireshark
> > > internals (and pretty new to Wireshark externals, as well ;)), but I
> > > thought I'd try my hand at writing one. I started by writing a Lua
> > > dissector for one of the Syncthing protocols:
> > >
> > > https://github.com/tmo1/wireshark-syncthing-dissector
> > >
> > > and it seems to work. If I'm not too daunted by trying to reimplement
> > > it in C, would this be something of interest to the project?
> > >
> > > Thomas
> > > ___________________________________________________________________________
> > > Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> > > Archives:    https://www.wireshark.org/lists/wireshark-dev
> > > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
> > >              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
> > >
>
>
> --
> Tmore1 <tmore1@xxxxxxx>



-- 
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. --Cao Cao) (Legend has it that Du Kang was the inventor of wine)
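
The approach agreed on in this thread (a protocol-specific dissector parses the ordinary fields, then hands only the protobuf bytes to a protobuf parser) is sketched below as an added example; it is not code from the thread, from Wireshark, or from the Lua dissector linked above. It is stand-alone C with no Wireshark API, so that the bounds check a dissector needs before creating the sub-buffer is visible. The frame layout, `DEMO_MAGIC`, `slice_t` and the `demo_*` names are assumptions made up for illustration and do not describe the Syncthing wire format.

```c
#include <stddef.h>
#include <stdint.h>
/* Assumed framing for illustration only (NOT the Syncthing wire format):
 * 4-byte magic | 2-byte big-endian length N | N bytes of protobuf. */
#define DEMO_MAGIC 0x44454D4Fu /* "DEMO", constructed value */
typedef struct { const uint8_t *data; size_t len; } slice_t;
/* Constructed sample: field 1 = "node" (bytes), field 2 = 150 (varint). */
static const uint8_t demo_frame[] = { 0x44,0x45,0x4D,0x4F, 0x00,0x09,
    0x0A,0x04,'n','o','d','e', 0x10,0x96,0x01 };

/* Outer dissector: check the ordinary fields, then expose only the declared
 * protobuf bytes as a sub-slice. Returns 0, or -1 if malformed/truncated. */
int demo_split_frame(const uint8_t *buf, size_t len, slice_t *pb) {
    if (len < 6) return -1;
    uint32_t magic = (uint32_t)buf[0] << 24 | (uint32_t)buf[1] << 16 |
                     (uint32_t)buf[2] << 8 | buf[3];
    size_t n = (size_t)buf[4] << 8 | buf[5];
    /* Never trust the length field beyond the bytes actually captured. */
    if (magic != DEMO_MAGIC || n > len - 6) return -1;
    pb->data = buf + 6;
    pb->len = n;
    return 0;
}

/* Decode one varint; returns bytes consumed, or 0 if truncated/overlong. */
static size_t read_varint(const uint8_t *p, size_t len, uint64_t *out) {
    uint64_t v = 0;
    for (size_t i = 0; i < len && i < 10; i++) {
        v |= (uint64_t)(p[i] & 0x7F) << (7 * i);
        if (!(p[i] & 0x80)) { *out = v; return i + 1; }
    }
    return 0;
}

/* Stand-in for the protobuf dissector: walks top-level fields of the
 * sub-slice. Returns the field count, or -1 on a malformed field.
 * Only wire types 0 (varint) and 2 (length-delimited) are handled. */
int demo_count_pb_fields(slice_t pb) {
    int count = 0;
    for (size_t off = 0; off < pb.len; count++) {
        uint64_t key, v;
        size_t k = read_varint(pb.data + off, pb.len - off, &key);
        if (k == 0 || ((key & 7) != 0 && (key & 7) != 2)) return -1;
        off += k;
        size_t n = read_varint(pb.data + off, pb.len - off, &v);
        if (n == 0) return -1;
        off += n;
        if ((key & 7) == 2 && v > pb.len - off) return -1; /* payload overruns */
        if ((key & 7) == 2) off += (size_t)v;
    }
    return count;
}
```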