Wireshark mailing list archives

Re: Enabling/disabling ANY heuristic dissector

From: mmann78 () netscape net
Date: Mon, 6 Jul 2015 00:19:22 -0400



I think there's a mixture of both "Heuristic Protocols" and "Heuristic dissectors" and I'm not sure how clean the list 
would look if you merged the two into a single list (this just being anecdotal evidence browsing the lists in both 
tabs).

The original motivation for this patch came from bugs 11152, 11335 and 11336 where it was only the heuristic dissector 
that was desired to be turned off ("identifier-based" desired to remain on).  There are also protocols that have 
multiple heuristic dissectors (based on the protocol the dissector is supposed to run on top of), so I'm not sure if 
its as simple as "disabling protocol altogether" vs "disabling (all?) dissector heuristics of a protocol".
 
 
-----Original Message-----
From: Guy Harris <guy () alum mit edu>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Sun, Jul 5, 2015 11:32 pm
Subject: Re: [Wireshark-dev] Enabling/disabling ANY heuristic dissector



On Jul 5, 2015, at 8:14 PM, Hadriel Kaplan <hadrielk () yahoo com> wrote:

BTW, in case someone’s curious, attached is a screenshot of the dialog window
tab Michael’s change adds.


<Screen Shot 2015-07-05 at 8.52.05

PM.png>

"Heuristic Protocol" or "Heuristic Dissector"?

Should we have a
single table, listing protocols, with up to two checkboxes, one for the
"identifier-based" dissector (if any; leave the checkbox out if none) and one
for the heuristic dissector (if any; leave the checkbox out if none)?

Or, if
there's never a case where you'd want to disable the "identifier-based"
dissector but not the heuristic dissector, a checkbox to completely disable the
dissector ("identifier-based" and heuristic) and, if there's a heuristic
dissector, a checkbox to disable only
it?
___________________________________________________________________________
Sent
via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:   
https://www.wireshark.org/lists/wireshark-dev
Unsubscribe:
https://wireshark.org/mailman/options/wireshark-dev
            
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Enabling/disabling ANY heuristic dissector Hadriel Kaplan (Jul 04)
- Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 04)
- Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 05)
  - Re: Enabling/disabling ANY heuristic dissector Hadriel Kaplan (Jul 05)
  - Re: Enabling/disabling ANY heuristic dissector Hadriel Kaplan (Jul 05)
    - Re: Enabling/disabling ANY heuristic dissector Guy Harris (Jul 05)
    - Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 05)
    - Re: Enabling/disabling ANY heuristic dissector Hadriel Kaplan (Jul 05)
    - Re: Enabling/disabling ANY heuristic dissector Guy Harris (Jul 06)
    - Re: Enabling/disabling ANY heuristic dissector Anders Broman (Jul 06)
    - Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 10)
    - Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 12)
    - Re: Enabling/disabling ANY heuristic dissector Pascal Quantin (Jul 13)
    - Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 13)
    - Re: Enabling/disabling ANY heuristic dissector Hadriel Kaplan (Jul 13)
    - Re: Enabling/disabling ANY heuristic dissector Pascal Quantin (Jul 13)
    - Re: Enabling/disabling ANY heuristic dissector mmann78 (Jul 13)

(Thread continues...)