Jeffrey Perry wrote:
>
> Yes, one comment. I think this is the right approach, I would suggest
> taking it one step farther though. If you build the parser into
> ethereal, then no recompiles would be needed for adding a new
> protocol. This is how Etherpeek on Windows works.
>
Yes, I like this approach also.
I was already thinking about the handling of user-defined protocols in
a similar way but with direct processing in ethereal (no code generation
and so no recompilation - see some previous posts in mailing list).
But I have not yet decided of any protocol syntax definition since
I'd preferred to wait that wiretap and the core tree stabilize ...
So if you can directly decode your format in ethereal without too much
overhead, it would be a Good Thing ...
Laurent.
--
Laurent DENIEL | E-mail: deniel@xxxxxxxxxxx
Paris, FRANCE | laurent.deniel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
| WWW : http://www.worldnet.fr/~deniel
All above opinions are personal, unless stated otherwise.
