Developping Wireshark Plugin


Hi, … emble.html

Based on the docs for creating a Wireshark plugin, I had a hard time understanding what the line “we’ll assume there is a simple in-protocol signalling mechanism to give details”. Would this mean that the following snippet of code would be contained as part of the packet’s compression process code, or would I have to write this code within my packet-“plugin”.c?

msg_pkt ::= SEQUENCE {

flags ::= SEQUENCE {
fragment BOOLEAN,
last_fragment BOOLEAN,

msg_id INTEGER(0…65535),
frag_id INTEGER(0…65535),


Thanks (and sorry for the lack of knowledge)!