> Without knowing the protocol, I'd say there's almost always room for
> improvement. Open a bug with a sample capture and see if someone can
> figure out how to strengthen the check.
Ok, thanks. I will open a bug request then.
> ps. you mentioned your dissector is hosted on sourceforge; woul
Wireshark has lots of reverse engineered protocols. So that should not stop you.
For example, the whole CIFS/SMB family of protocols used to be reverse
engineered, eventhough now in later times the documentation to those
protocols are now available so errors in the decoding can be fixed.
If the
On 02/22/14 19:15, Thomas Wiens wrote:
Hi,
I've written a wireshark dissector for communication between industrial
control systems, which come as payload of cotp packets.
But the packets are displayed as T.125 protocol, until I disable this
protocol in wireshark settings to get my own dissector
