Re: Siemens S7Comm-Plus protocol support

[Thomas Wiens <th.wiens () gmx de>]

Am 19.08.2021 um 09:52 schrieb Guy Harris:

> Thomas, is there any reason not to incorporate this into the regular
> Wireshark release?  I'd mean you wouldn't have to build Windows
> binaries and offer them for releases that include it, and would make
> it easier for non-Windows users to analyze those packets, as they
> wouldn't have to compile it as a plugin and install it themselves.
> It appears to be licensed under the GPLv2, so there are no licensing
> issues that I can think of.
Hi Guy,

my plan was to incorporate it into Wireshark one day. As the protocol is
reverse engineered and Siemens is constantly changing minor details of
the protocol, there are still many things guessed, not decoded or
decoded as dummy fields. The latest change from Siemens was to implement
TLS, if this will be standard in the future, then the dissector will
become useless.

There are some informations where I had to be "creative" to get them,
but without them the protocol could be dissected, but the information
you see in Wireshark would be almost useless. That's why I hesitated to
integrate it into the regular release, and keep the userbase small, if
"someone" doesn't like what I've done.

--
Best regards

Thomas Wiens

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe