Wireshark mailing list archives
Re: how to remove/unregister a dissector?
From: Kaul <mykaul () gmail com>
Date: Wed, 27 Apr 2011 00:29:47 +0300
On Tue, Apr 26, 2011 at 9:57 PM, Chris Maynard <chris.maynard () gtech com>wrote:
George Nychis <gnychis@...> writes:Another alternative, is to remove packet-smb* from the build.In most cases, to remove unwanted protocol dissectors from the build, delete the relevant packet-*.c files from epan/dissectors/Makefile.common's DISSECTOR_SRC. Alternatively, you could just disable those protocols via "Analyze -> Enabled Protocols", then uncheck all those that you don't want/need. This method does not require recompiling Wireshark, but it doesn't prevent someone from re-enabling them again, so if you want to avoid that, then you'll have to recompile it.
If it could only be done somehow with some logical grouping... I do not need many, many protocols, but it's impossible to go and start unchecking all the irrelevant ones. Too many. For example, I reckon I'll never meet ATM traffic, nor Appletalk, nor USB based, bluethooth or anything but normal Ethernet, IP and above (and yes, if somehow something was encapsulated above Etherenet, so I lost it, no big deal). Probably cost some in performance as well, especially for some of the heuristic ones. I'm also unsure how much of a performance hit we get by having all those less used protocol fields in packet_info structure. Perhaps we should move all those to a dynamically allocated (if need access to) structure. Random example (from gssapi, which actually I see, but never decrypt): guint16 decrypt_gssapi_tvb; tvbuff_t *gssapi_wrap_tvb; tvbuff_t *gssapi_encrypted_tvb; tvbuff_t *gssapi_decrypted_tvb; gboolean gssapi_data_encrypted; (is packet_info even properly memory aligned with all those 'random' sized fields in it?!) Y.
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- how to remove/unregister a dissector? George Nychis (Apr 26)
- Re: how to remove/unregister a dissector? Chris Maynard (Apr 26)
- Re: how to remove/unregister a dissector? Kaul (Apr 26)
- Re: how to remove/unregister a dissector? Stephen Fisher (Apr 26)
- Re: how to remove/unregister a dissector? George Nychis (Apr 26)
- Re: how to remove/unregister a dissector? George Nychis (Apr 26)
- Re: how to remove/unregister a dissector? Jakub Zawadzki (Apr 27)
- Re: how to remove/unregister a dissector? Anders Broman (Apr 27)
- Re: how to remove/unregister a dissector? Jakub Zawadzki (Apr 27)
- Re: how to remove/unregister a dissector? George Nychis (Apr 27)
- Re: how to remove/unregister a dissector? Kaul (Apr 26)
- Re: how to remove/unregister a dissector? Chris Maynard (Apr 26)