Hi all,
Over the last few weeks, I spent some time integrating Python into Wireshark and made the first commit to the Wireshark trunk today. It is now possible to write a dissector for Wireshark in Python. See
http://wiki.wireshark.org/Python for documentation.
It is probably already possible to write a lot of dissectors in Python right now. For sure, there is still a lot of stuff to integrate ... I just ask you to be lenient and give me some time to add it. :)
Here is a small sample of the homeplug dissector in Python:

from wspy_dissector import Dissector, FT_UINT8, FT_NONE, BASE_NONE

class homeplug(Dissector):
    # Attach this dissector to the HomePlug ethertype
    def protocol_ids(self):
        return [ ("ethertype", 0x887B, None) ]

    def dissect(self):
        self.dissect_mctrl()

    # MAC Control Field: a single byte split into two bitfields
    def dissect_mctrl(self):
        hf = self.fields()
        subt = self.subtrees()
        self.c_tree = self.tree()
        # All three items cover the same one-byte field; only the last
        # call omits adv=False
        tree = self.c_tree.add_item(hf.homeplug_mctrl, length=1, adv=False)
        mctrl_tree = tree.add_subtree(subt.mctrl)
        mctrl_tree.add_item(hf.homeplug_mctrl_rsvd, length=1, adv=False)
        mctrl_tree.add_item(hf.homeplug_mctrl_ne, length=1)

# Bitmasks for the two MAC Control bitfields
HOMEPLUG_MCTRL_RSVD = 0x80
HOMEPLUG_MCTRL_NE = 0x7F

# Create the protocol and declare its header fields and subtrees
def register_protocol():
    tp = homeplug("HomePlug protocol", "HomePlug", "homeplug")
    hf = tp.fields()
    hf.add("Mac Control Field", "homeplug.mctrl", FT_NONE, BASE_NONE)
    hf.add("Reserved", "homeplug.mctrl.rsvd", FT_UINT8, bitmask=HOMEPLUG_MCTRL_RSVD)
    hf.add("Number of MAC Data Entries", "homeplug.mctrl.ne", FT_UINT8, bitmask=HOMEPLUG_MCTRL_NE)
    subt = tp.subtrees()
    subt.add('mctrl')
    return tp

Hope you'll enjoy!
P.S.: all comments and criticism are welcome. They can be put on the wiki page too!
Regards,
Sebastien Tandel