Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Basic question about dissectors

From: David Aldrich <David.Aldrich@xxxxxxxxxxxx>
Date: Mon, 2 Mar 2015 14:36:44 +0000

Hi Graham

 

Thanks very much for your answer.

 

Best regards

 

David

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Graham Bloice
Sent: 02 March 2015 14:19
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Basic question about dissectors

 

On 2 March 2015 at 14:08, David Aldrich <David.Aldrich@xxxxxxxxxxxx> wrote:

Hi

 

Please will someone tell me what is the file extension of a dissector and how one loads a dissector in Wireshark?

 

I have seen lots of help on how to write a dissector but I just need to know how to identify a dissector in a 3rd party distribution file of Wireshark, and how to load it.

 

 

 

A dissector can be implemented in many ways and not all of them are separate files with a file extension.  I assume you're interested in Wireshark on Windows as you mention a file extension?

 

A dissector can be built into the Wireshark core as part of libwireshark.dll, it can be a plugin in the various plugin directories with a .dll extension (look in Help -> About -> Plugins), it could be a Lua dissector loaded at runtime form a Lua script file (probably with a .lua extension), it could be a WSGD dissector loaded at runtime from a text file, and for some older versions of Wireshark it could be a Python dissector loaded at runtime.

 

--

Graham Bloice