An iSCSI expert system for wireshark

[jimmy wang <jimmy.tianjin () gmail com>]

Hi core developer,
         I’m a member of Inventec Tianjin Company. We write an iSCSI expert
system based on wireshark. The main features of the system include:
1. An iscsi PDU analyzing expert system with about 50 rules. The system can
detect protocol error like StatSN less than ExpStatSN, Login response CSG
bad value, etc.
2. An enhanced iscsi dissector which based on packet-iscsi.c
3. An iscsi expert information dialog which displays the expert system
detecting result, iscsi session/connection topology tree and iscsi
parameters.
4. An iscsi flow dialog which displays the iscsi PDU sequence, iscsi
session/connection topology tree and iscsi statistics information.
The attachments are the snapshot of the expert information dialog and iscsi
flow dialog.

The expert system include the follow source file:
1. Epan\dissectors\Packet-iscis.c         - enhanced iscsi dissector
2. Epan\dissectors\iscsiexpert-rules.c          - included by packet-iscsi.c
for expert system rules
3. Gtk\iscsiexpert_dlg.c        - expert information dialog
4. Gtk\iscsiexpert_stat.c      - iscsi flow dialog

We want our dissector and dialog be included in the main wireshark
distribution. Could you please give me some suggestion:
1. Is it possible?
2. May we just send a patch based on packet-iscsi.c or we need send a new
file named packet-iscsiexpert.c for the iscsi dissector? If use
packet-iscsiexpert.c, we need add a new protocol iscsi[E] and need enable
iscsi[E] and disable iscsi manually.

Thanks for your time.

Jimmy

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe