Description beyond the filename? No. But I'd turn it around and ask "what kind of dissector are you trying to make"? If its a protocol that runs over TCP or UDP, we can probably point you to some of the "simpler" ones to get started. There are also many dissectors for other underlying layers. Many Wireshark dissectors are developed using copy/paste, it's just a matter of finding what you need to copy. Many times assistance will be in the form of "go look at this dissector as an example", because with 1300 dissectors, "there's an example for that".
packet-PROTOABBREV.c certainly gives you a good skeleton, but the specifics of where your dissector will be called (like over TCP or UDP) can give you a good jump because you can just create a protocol field in the tree and have it show up in Wireshark. -----Original Message----- From: Christopher M. Lusardi via Wireshark-dev <wireshark-dev@wireshark.org> To: wireshark-dev <wireshark-dev@wireshark.org> Cc: Christopher M. Lusardi <clusard...@aol.com> Sent: Fri, Sep 22, 2017 11:31 am Subject: Re: [Wireshark-dev] Is there any example C dissectors I can study? Is there a description available on all these files? I enjoyed one of you SharFest15 videos on Youtube: https://www.youtube.com/watch?v=bwqv_OzCZC8 Thank you, Christopher M. Lusardi -----Original Message----- From: Graham Bloice <graham.blo...@trihedral.com> To: Developer support list for Wireshark <wireshark-dev@wireshark.org> Sent: Thu, Sep 21, 2017 11:01 am Subject: Re: [Wireshark-dev] Is there any example C dissectors I can study? On 20 September 2017 at 19:45, <christopher.lusa...@engilitycorp.com> wrote: Are there any large databases with example C dissectors that I can access? Thanks, Do you mean dissectors for large databases or a large collection of dissectors? If the latter, then there are 1300 or so or so here: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=tree;f=epan/dissectors;h=6b9af4c25edd6252b636e2d64e8d994507e9d66e;hb=HEAD -- Graham Bloice ___________________________________________________________________________Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>Archives: https://www.wireshark.org/lists/wireshark-devUnsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___________________________________________________________________________Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>Archives: https://www.wireshark.org/lists/wireshark-devUnsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
