Wireshark mailing list archives
Re: How to use Wireshark dissectors and header fields? (looking for "WORKING" examples for windows)
From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Sat, 9 Sep 2017 11:38:11 +0200
HI, Take it in small steps Padawan, gaining experience takes time. Q1: See the reply from Pascal earlier. Q2: C and Lua are fundamentally different programming languages. - C is used for the main program and all build in dissectors. These are the most capable. - Lua is used as an extension language. It allows to add (simpler) dissectors to Wireshark without the need to recompile it. Q3: As README.dissector can tell you in more detail, header fields are constructs to define how raw data is to be presented by a dissector. You use functions to extract data from a certain place in the received packet and use the header field to define the presentation. The header field may even define a subset of a the retrieved data, and interpretations of this data. Q4: Read the Wireshark Developers Guide (that’s not README.dissector!) one chapter at a time. Q5: The Wireshark source code repository is full of C dissectors. There is no central repository for Lua dissectors, but a search a GitHub should yield some. Q6: Header fields are constructs used in dissectors to define data representation. There is no choosing between them. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- How to use Wireshark dissectors and header fields? (looking for "WORKING" examples for windows) Christopher . Lusardi (Sep 08)
- Re: How to use Wireshark dissectors and header fields? (looking for "WORKING" examples for windows) Pascal Quantin (Sep 08)
- Re: How to use Wireshark dissectors and header fields? (looking for "WORKING" examples for windows) Jaap Keuter (Sep 09)