Wireshark · Ethereal-dev: [Ethereal-dev] Access to generalized dissecting

Ethereal-dev: [Ethereal-dev] Access to generalized dissecting

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Allan Clarke" <clarke@xxxxxxxxxxxxxxx>

Date: Mon, 27 Mar 2006 13:19:34 -0600

Title: Access to generalized dissecting

Greetings! I am new to this list and my network protocol understanding is quite limited. Because of this I need some guidance.

I need to be able to take capture files and do customized exporting without having to recode all the dissection logic. I currently take the capture file as input and have written some random logic (in Perl) to do simple dissection. But my user's needs are growing and I keep having to do more and more dissection; I am loathe to continue duplicating the dissection logic already in Ethereal.

One option is to run off an exported XML version of the data or perhaps a "print to file" version, but these can very quickly get large and slow to process. Is there a very terse text-based format that already exists?

What I'd like to do is develop some kind of a plugin that could be used to walk the dissected packet's tree and selectively export some of the data. Ideally, users could export using a feature tied into the Ethereal GUI.

I would greatly appreciate any pointer as to how to tackle this.

Many Thanks,

Allan

Follow-Ups:
- Re: [Ethereal-dev] Access to generalized dissecting
  - From: Jaap Keuter
- Re: [Ethereal-dev] Access to generalized dissecting
  - From: Guy Harris

Prev by Date: Re: [Ethereal-dev] Updated trivial packet-sip.c [patch]
Next by Date: [Ethereal-dev] buildbot failure in Windows-2003-IA32
Previous by thread: Re: [Ethereal-dev] Updated trivial packet-sip.c [patch] (Out of the office)
Next by thread: Re: [Ethereal-dev] Access to generalized dissecting
Index(es):
- Date
- Thread