Wireshark · Wireshark-dev: Re: [Wireshark-dev] Using wireshark protocol parsers to build packets

Wireshark-dev: Re: [Wireshark-dev] Using wireshark protocol parsers to build packets

From: Guy Harris <guy@xxxxxxxxxxxx>

Date: Sun, 11 Feb 2007 13:04:20 -0800

[Chris] NULL wrote:

My question is, is it possible to use the Wireshark disectors to "build" atrace. What I mean with this is, is it e.q. possible to change values in theWireshark GUI and then have Wireshark build the binary trace together? Iknow that in the current version this is not possible, but my question is ingeneral. Is it possible to extend the Wireshark disectors to be able to"build" a trace?

No; that feature's missing from the current version because theinfrastructure for it isn't available, not because Wireshark chooses notto implement it.

This is probably significantly more complicated than one might think,especially given packet reassembly. A mechanism to do that would beuseful for manually editing packets (e.g., to construct a sequence ofpackets to replay), as well as for the anonymization feature anotherperson would like to implement - but it'd require architectural work.

Follow-Ups:
- Re: [Wireshark-dev] Using wireshark protocol parsers to buildpackets
  - From: [Chris] NULL

References:
- [Wireshark-dev] Using wireshark protocol parsers to build packets
  - From: [Chris] NULL

Prev by Date: [Wireshark-dev] Using wireshark protocol parsers to build packets
Next by Date: Re: [Wireshark-dev] Using wireshark protocol parsers to buildpackets
Previous by thread: [Wireshark-dev] Using wireshark protocol parsers to build packets
Next by thread: Re: [Wireshark-dev] Using wireshark protocol parsers to buildpackets
Index(es):
- Date
- Thread