Wireshark-users: Re: [Wireshark-users] How does Wireshark implement protocol stack?
On 2011-12-19 13:45, 吴斌斌 wrote:
Hi there:
My team is now working on a data capture device. We can get all data from wire, from LLC layer to application layer. But we don't know how to parse packets. I know Wireshark allows developers to reach their own protocol parser based on protocol characteristics, ports or so. You must have designed a high-performance packet parser. So what is it? Which license is it under?
THANK YOU.

Hi,
Several avenues to choose from. First of all subscribe to the developer mailing list (this message is on the users mailing list). That's where the interesting development stuff is happening. Second it's good to familiarize yourself with the developers guide (found on the Wireshark website). Have a look at the SharkFest presentations to get a feel for things. Then you have to look into the form in which you want to create your protocol dissector: plain C (most powerful?), ASN.1, Lua, Python. Please be aware that plain C is best supported, there's even a generator for that; ASN.1 requires you to write a template for a dissector compiler and your ASN.1 definition of course. Lua support is coming along nicely, Python support is somewhat experimental. Some more information can be found on the Wiki. As for licensing, everything linked to Wireshark is covered by GPLv2, as is Wireshark. That means that distribution requires making your source code available too. So if you keep things for yourself, you're fine.
Thanks,
Jaap