Wireshark-dev: Re: [Wireshark-dev] Wireshark GUI development and release guidelines

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Wed, 20 Oct 2010 02:03:56 -0700
On Oct 19, 2010, at 1:53 PM, Joe wrote:

> Thanks for the reply.

(Which doesn't mean I'm the only person to respond to.  If I reply to a question, it doesn't mean I'm the person who will handle the issue - others on the list might have more time, or more information, to respond.  I suspect the same is true of most other developers on the list.)

> Our product is more like a filter offload engine.

"Offload" in what sense?  Is it another program that could perform the same dissection as Wireshark and thus support the same filter operations (or that does a subset of the dissection and thus supports a subset of the fields supported by Wireshark)?  Does it just filter packets, or perform other operations?

> Essentially I would like to interpret the Wireshark filter syntax for interpretation and offload.  There are some other parameters that I would like to make available to the GUI that don't involve filtering but this will probably be done in phases.
> 
> The changes would only apply to folks who have our product and GNU licensing is not a problem.
> 
> Does it still make sense to submit this for general incorporation into the core release?  Is there another mechanism to allow users to optionally add our code into an existing install?

That depends on what your code does.  *If*, for example, it's something that could be done in a tap listener, then the code could be distributed as a tap listener plugin.  We'd need to know the details of what your Wireshark modifications would do in order to determine whether it could be implemented as a plugin.