Wireshark mailing list archives
Re: Syncthing protocol dissector
From: Richard Sharpe <realrichardsharpe () gmail com>
Date: Mon, 28 Feb 2022 13:41:38 -0800
On Mon, Feb 28, 2022 at 11:53 AM Tmore1 <tmore1 () gmx com> wrote:
> Hi, Thank you. I understand that only C dissectors are distributed with Wireshark - in my message, I asked whether the project would be interested in my reimplementing it in C.

Yes. If needed I can help you shepherd the changes into the repository.

> The Syncthing protocols are a mixture of protobufs and ordinary fields. I assumed that the way to write such a dissector is by writing a protocol-specific dissector, and then calling the protobuf dissector with a subset of the tvb. That's what I did in Lua, and that's what I suppose I would do in C. Is this the right approach?

That sounds correct to me.

> On Mon, 28 Feb 2022 10:20:01 +0100 Alexis La Goutte <alexis.lagoutte () gmail com> wrote:
>> Hi Thomas,
>> We don't accept Lua dissectors in the source code.
>> But there is now a protobuf dissector in Wireshark and I think it will not be complicated to add this protocol.
>> Cheers
>> On Sun, Feb 27, 2022 at 5:39 AM Tmore1 <tmore1 () gmx com> wrote:
>>> Hello,
>>> Several years ago, there was some discussion on this list about a Syncthing protocol dissector: https://www.wireshark.org/lists/wireshark-dev/201811/msg00017.html
>>> AFAICT, there still doesn't seem to be one. I'm new to Wireshark internals (and pretty new to Wireshark externals, as well ;)), but I thought I'd try my hand at writing one. I started by writing a Lua dissector for one of the Syncthing protocols: https://github.com/tmo1/wireshark-syncthing-dissector and it seems to work. If I'm not too daunted by trying to reimplement it in C, would this be something of interest to the project?
>>> Thomas
>>> ___________________________________________________________________________
>>> Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
>>> Archives: https://www.wireshark.org/lists/wireshark-dev
>>> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>>> mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
> -- Tmore1 <tmore1 () gmx com>

--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者)
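
The split discussed in this message (a protocol-specific stage that parses the ordinary fields, then passes only the protobuf bytes onward) is shown below as an added stand-alone C example; it is not code from the thread, the Lua dissector or Wireshark, and it does not use Wireshark's API. The frame layout, the magic value and all `ex_` names are assumptions made for illustration, and the field walker only stands in for the protobuf dissector.

```c
#include <stddef.h>
#include <stdint.h>
/* Assumed layout (illustration only, not taken from the thread):
 * 4-byte magic | 2-byte big-endian payload length | protobuf payload */
#define EX_MAGIC 0x11223344u /* constructed placeholder value */
#define EX_HDR_LEN 6
struct span { const uint8_t *p; size_t len; };
/* Constructed sample: header, field 1 = "abc", field 2 = 150, one stray byte. */
static const uint8_t ex_frame[] = { 0x11, 0x22, 0x33, 0x44, 0x00, 0x08,
    0x0a, 0x03, 'a', 'b', 'c', 0x10, 0x96, 0x01, 0xff };
/* Protocol-specific stage: check the ordinary fields, then hand back only the
 * protobuf bytes. -1 on short frame, bad magic, or a length past the buffer. */
int ex_split_frame(const uint8_t *b, size_t len, struct span *pb)
{
    if (len < EX_HDR_LEN) return -1;
    uint32_t magic = (uint32_t)b[0] << 24 | (uint32_t)b[1] << 16 | (uint32_t)b[2] << 8 | b[3];
    size_t plen = (size_t)b[4] << 8 | b[5];
    if (magic != EX_MAGIC || plen > len - EX_HDR_LEN) return -1;
    pb->p = b + EX_HDR_LEN; pb->len = plen;
    return 0;
}

/* Read one varint at *i; -1 if it runs past the span or exceeds 10 bytes. */
static int ex_varint(struct span s, size_t *i, uint64_t *out)
{
    *out = 0;
    for (int shift = 0; shift < 64; shift += 7) {
        if (*i >= s.len) return -1;
        uint8_t c = s.p[(*i)++];
        *out |= (uint64_t)(c & 0x7f) << shift;
        if (!(c & 0x80)) return 0;
    }
    return -1;
}

/* Stand-in for the protobuf stage: count top-level fields, -1 if malformed. */
int ex_count_pb_fields(struct span pb)
{
    size_t i = 0; int n = 0; uint64_t key = 0, v = 0, w;
    for (; i < pb.len; n++) {
        if (ex_varint(pb, &i, &key)) return -1;
        unsigned wt = (unsigned)(key & 7);           /* protobuf wire type */
        if (wt == 3 || wt == 4 || wt > 5) return -1; /* groups, unknown */
        if ((wt == 0 || wt == 2) && ex_varint(pb, &i, &v)) return -1;
        w = wt == 1 ? 8 : wt == 5 ? 4 : wt == 2 ? v : 0; /* bytes to skip */
        if (w > pb.len - i) return -1;  /* field claims more than the span */
        i += (size_t)w;
    }
    return n;
}
```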
Current thread:
- Syncthing protocol dissector Tmore1 (Feb 26)
- Re: Syncthing protocol dissector Alexis La Goutte (Feb 28)
- Re: Syncthing protocol dissector Tmore1 (Feb 28)
- Re: Syncthing protocol dissector Richard Sharpe (Feb 28)
- Re: Syncthing protocol dissector Tmore1 (Feb 28)
- Re: Syncthing protocol dissector Alexis La Goutte (Feb 28)