Wireshark-bugs: [Wireshark-bugs] [Bug 8925] Can't edit esp_sa file to decrypt ESP packets
Comment # 5
on bug 8925
from Martin Mathieson
(In reply to yoshpe from comment #4)
> You're right! I've looked into the function
> esp_sa_record_add_from_dissector() but this only allows dissectors from
> within Wireshark to add new records.
> But I want external programs to be able to easily add new records.
>
> I also prefer packets not to be re-dissected (automatically) since the
> capture might be pretty big (and might be live and on-going), and reloading
> it takes time and will break the live capture.
> One can always hit reload immediately after reloading the configuration.
> Maybe this should even be coupled together with reloading.
>
> About the name UAT, you might be correct. It can be changed to Reload
> dissector configurations.
Again, it may not suit you, but you could have your script send a simply
formatted packet with the new record details (rather than write to esp_sa) to
the machine running wireshark for a simple dissector to pick up. Though if the
script is running on same machine as wireshark and you are running windows you
won't be readily able to capture lookback packets..
You are receiving this mail because:
- You are watching all bug changes.