Wireshark-dev: Re: [Wireshark-dev] 【Looking for help】about " http2-fake-header" and "grpc-diss

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: chuck c <bubbasnmp@xxxxxxxxx>
Date: Sat, 23 Apr 2022 13:42:35 -0500
https://gitlab.com/wireshark/wireshark/-/merge_requests/4877
HTTP2/GRPC: support using fake headers to parse the DATAs of the stream without first HEADERS frame

Looks like it hasn't been added to the 3.6 branch.
3.7.0 images are available in the Automated builds or you can build from Master branch.
https://www.wireshark.org/download/automated/

On Sat, Apr 23, 2022 at 10:37 AM 徐国政 <gzxu@xxxxxxxxxxxxx> wrote:

Hi everyone:

  I recently encountered a problem. 

 


  • I noticed that there is http2-fake-header feature in the recent wireshark user guide, but I downloaded the latest wireshark version (3.6.3),It does not have the function of http2-fake-header, how can I get a version that has the function of http2-fake-header, maybe its wireshark version number is 3.7.0?



  Below is the interface I see on the wiki(https://gitlab.com/wireshark/wireshark/-/wikis/gRPC):

  • in fact, I want to use the fake-header function to solve the problem that grpc-dissector cannot parse grpc packets normally, because I did not capture the first headers frame. When I capture the packets, the grpc connection has been running for a long time.


  • Here, let me ask again, can I specify the content-type and path information of http2-dissector and pass it to grpc-sub-dissector. Currently I am using lua script. But I didn't find the usage of specifying the passing parameter pinfo.private. I want to carry relevant parameters through pinfo.private so that grpc-sub-dissector can parse it, does this function currently exist? like below:

         pinfo.private["content_type"] = "application/grpc",       

         pinfo.private["path"] = "grpc.service/rpc_method".



Looking forward to your reply, thank you very much.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe