Wireshark mailing list archives

Re: Idea for process image dissection


From: Roland Knall <rknall () gmail com>
Date: Tue, 15 Oct 2013 18:25:46 +0200

Hi


I actually did not know about wsgd.free.fr. For what I want to
achieve, this would be completely sufficient. But it would need a UI,
because the definition of the wsgd and fdesc files would be too much
for the normal user.

I will work on that instead, and see where I can go from there.

Just one question though, why is this plugin not part of Wireshark?


kind regards,
Roland

On Mon, Oct 14, 2013 at 8:40 PM, Guy Harris <guy () alum mit edu> wrote:
> On Oct 13, 2013, at 1:17 AM, Roland Knall <rknall () gmail com> wrote:
>
>> For such a dissection, we need to tell a dissector, how to dissect a
>> specific payload.
>>
>> I would like to implement a new field type (FT_PIMAGE) and allow the
>> user using a dialog, to specify a filter and a mapping to dissect the
>> field.
>
> Would the payload consist either of one big FT_PIMAGE field or a sequence of nothing but FT_PIMAGE fields?
>
> If so, then...
>
>> For instance one definition might be:
>
> ...another definition might be
>
>         http://wsgd.free.fr
>
> if the goal is to avoid requiring C/C++ code to be written to dissect the payload.
>
> Adding a UI to allow construction of wsgd descriptions would be useful here.
>
>> The definition for each field mapping must be also session specific,
>> as it will definitely change between dissections.
>
> Multiple registered wsgd descriptions, and a session-specific selection of a description, should handle that.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe