Wireshark mailing list archives

Re: how to remove/unregister a dissector?

From: Kaul <mykaul () gmail com>
Date: Wed, 27 Apr 2011 00:29:47 +0300

On Tue, Apr 26, 2011 at 9:57 PM, Chris Maynard <chris.maynard () gtech com>wrote:

George Nychis <gnychis@...> writes:

Another alternative, is to remove packet-smb* from the build.


In most cases, to remove unwanted protocol dissectors from the build,
delete the
relevant packet-*.c files from epan/dissectors/Makefile.common's
DISSECTOR_SRC.

Alternatively, you could just disable those protocols via "Analyze ->
Enabled
Protocols", then uncheck all those that you don't want/need.  This method
does
not require recompiling Wireshark, but it doesn't prevent someone from
re-enabling them again, so if you want to avoid that, then you'll have to
recompile it.


If it could only be done somehow with some logical grouping... I do not need
many, many protocols, but it's impossible to go and start unchecking all the
irrelevant ones. Too many.
For example, I reckon I'll never meet ATM traffic, nor Appletalk, nor USB
based, bluethooth or anything but normal Ethernet, IP and above  (and yes,
if somehow something was encapsulated above Etherenet, so I lost it, no big
deal). Probably cost some in performance as well, especially for some of the
heuristic ones.

I'm also unsure how much of a performance hit we get by having all those
less used protocol fields in packet_info structure. Perhaps we should move
all those to a dynamically allocated (if need access to) structure. Random
example (from gssapi, which actually I see, but never decrypt):
  guint16 decrypt_gssapi_tvb;
  tvbuff_t *gssapi_wrap_tvb;
  tvbuff_t *gssapi_encrypted_tvb;
  tvbuff_t *gssapi_decrypted_tvb;
  gboolean gssapi_data_encrypted;


 (is packet_info even properly memory aligned with all those 'random' sized
fields in it?!)
Y.



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

how to remove/unregister a dissector? George Nychis (Apr 26)
- Re: how to remove/unregister a dissector? Chris Maynard (Apr 26)
  - Re: how to remove/unregister a dissector? Kaul (Apr 26)
    - Re: how to remove/unregister a dissector? Stephen Fisher (Apr 26)
  - Re: how to remove/unregister a dissector? George Nychis (Apr 26)
    - Re: how to remove/unregister a dissector? George Nychis (Apr 26)
  - Re: how to remove/unregister a dissector? Jakub Zawadzki (Apr 27)
    - Re: how to remove/unregister a dissector? Anders Broman (Apr 27)
    - Re: how to remove/unregister a dissector? Jakub Zawadzki (Apr 27)
    - Re: how to remove/unregister a dissector? George Nychis (Apr 27)