Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Anders Broman via Wireshark-dev
To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Bypassing the first layer This helps me too. There are some slides about export pdu. But yes, any material is welcome. Thanks for the help team. This is fantastic. On Wed, Jan 15, 2020 at 2:47 PM Dario Lombar

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Juanjo Martin Carrascosa
ed PDU DLT defined by >>>>> Wireshark >>>>> >>>>> Epan/exported_pdu.h contains some information. If you would require >>>>> new elements for meta information that could be discussed. Adding RTSP >>>>> data >>>>> in >>&g

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Dario Lombardo
> Epan/exported_pdu.h contains some information. If you would require new >>>> elements for meta information that could be discussed. Adding RTSP data in >>>> >>>> An exported_pdu DLT frame should be simple as an initial test. I think >>>> there is

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Juanjo Martin Carrascosa
u DLT frame should be simple as an initial test. I think >>> there is a sharkfest presentation on how to add any protocol data in an >>> exported pdu frame with text2pcap. >>> >>> Regards >>> >>> Anders >>> >>> >>> >&

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Dario Lombardo
P data in >> >> An exported_pdu DLT frame should be simple as an initial test. I think >> there is a sharkfest presentation on how to add any protocol data in an >> exported pdu frame with text2pcap. >> >> Regards >> >> Anders >> >> >>

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Juanjo Martin Carrascosa
Regards > > Anders > > > > *From:* Wireshark-dev *On Behalf Of > *Juanjo Martin Carrascosa > *Sent:* den 15 januari 2020 12:24 > *To:* Developer support list for Wireshark > *Subject:* Re: [Wireshark-dev] Bypassing the first layer > > > > Hi Dario, >

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Anders Broman via Wireshark-dev
how to add any protocol data in an exported pdu frame with text2pcap. Regards Anders From: Wireshark-dev On Behalf Of Juanjo Martin Carrascosa Sent: den 15 januari 2020 12:24 To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] Bypassing the first layer Hi Dario,

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Juanjo Martin Carrascosa
Hi Dario, Could you elaborate on this? I get the idea but my knowledge about the how is very basic. How can this help me achieve what I need? Thanks for the help. Juanjo Martin On Tue, Jan 14, 2020 at 4:48 PM Dario Lombardo wrote: > You can use export_pdu. This is a layer with multiple attrib

Re: [Wireshark-dev] Bypassing the first layer

2020-01-14 Thread Dario Lombardo
You can use export_pdu. This is a layer with multiple attributes (see epan/exported_pdu.h), but the only really needed is the proto_name, that allows you to directly call a dissector by its name. You will have frames with this stack: FRAME/EXPORT PDU/RTPS, that is properly dissected by wireshark.

[Wireshark-dev] Bypassing the first layer

2020-01-14 Thread Juanjo Martin Carrascosa
Hi everyone, RTPS is a protocol already supported by Wireshark. I have been helping maintain that protocol these past years. It sits on top of TCP and UDP, as well as some other transports that are not network ones (Shared Memory typically with a proprietary implementation). We are currently work