That's a little tough; freeform protocols are somewhat harder to deal
with.
A lot of IETF protocols are going to this "TLV" type of message like
used in RSVP. The message is a series of objects; each object has a
type, a subtype, and a length (not necessarily in that order). Each
object has a separate definition.
Maybe some sort of XML parser that describes these objects, and the
header? I was thinking about it some time back but gave up due to lack
of time. Maybe I (or somebody) can dig up this chestnut again...
-Ashok
On Wed, Aug 20, 2003 at 10:45:55PM +0200, Andreas Sikkema wrote:
>
> John McDermott wrote:
>
> > This might be tricky with tethereal. It would be nice to have a
> > gui-based protocol analyzer builder, though, even if it were simple. It
> > could generate the "protocol specification language", C or perl/python.
> > I was thinking of a sort of generic, basic (not BASIC) sort of tool so
> > that if someone wanted to one could build a quick and dirty decoder.
>
> I am thinking along the lines of a very simple language (something
> like a stripped version of ASN.1).
>
> You have bits, bytes, integers, strings and the sequence in which they
> appear are the way the appear in the protocol. Maybe add something
> like a choice, but that would make things slightly more complicated,
> but not that much I think.
>
> PROTOCOL "MyFirstProtocol", "My very own first protocol"
> REGISTER "tcp.port", 1720
>
> INTEGER length
> BYTE CHOICE packet_type
> 0 setup
> BYTE thing
> STRING caller_id
> 1 connect
> BYTE otherthing
> INTEGER something
>
> This might be a little too simple (the parser might get confused
> without explicit ends to things), butt his would generate something
> along the lines (of the current code):
>
> void packet_dissect_MyFirstProtocol()
> {
> create new tree for protocol
>
> proto_tree_add_item( hf_length, ...);
>
> int packet_type;
> packet_type = tvb_get_uint32(...);
> proto_tree_add_item( hf_packet_type, ...);
>
> create new tvb
>
> switch( packet_type )
> {
> case 0:
> dissect_setup();
> break;
> case 1:
> dissect_connect();
> break;
> }
> }
>
>
> --
> Andreas Sikkema
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
--
--- Asok the Intern ----------------------------------------
Ashok Narayanan
IOS Network Protocols, Cisco Systems
1414 Mass Ave, Boxborough MA 01719
Ph: 978-936-1608. Fax: 978-936-2218 (Attn: Ashok Narayanan)
