> Without knowing the protocol, I'd say there's almost always room for
> improvement. Open a bug with a sample capture and see if someone can
> figure out how to strengthen the check.
Ok, thanks. I will open a bug request then.
> ps. you mentioned your dissector is hosted on sourceforge; would you
> consider submitting it to Wireshark?
The dissector is of a proprietary protocol which is completely reverse
engineered. There is no official documentation available.
The protocol is used in programmable logic controlles by Siemens, I
think the most common vendor in Europe for those controllers.
I don't know if there are other reverse engineered protocols in
wireshark, but for myself I would like when the delivered plugins with
wireshark refer to official documents or rfcs, and not guessed as my
dissector.
Is there a official wireshark point of view?
The website is:
http://sourceforge.net/projects/s7commwireshark/
There are some sample captures available.
--
Regards
Thomas Wiens