Ask Your Question

Dissector stability guarantees

asked 2020-07-09 16:24:01 +0000

Avi gravatar image


Is there any policy in place regarding the stability of dissector field names and textual representation of data?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-07-09 16:27:43 +0000

grahamb gravatar image

None really, but it's informally "discouraged" as it can break workflows that depend on them, e.g. scripted display filters and post processing of fields.

edit flag offensive delete link more


I did see it happen on at least one field in the WLAN dissector.

Seems to me like we should start versioning scripts.

Avi gravatar imageAvi ( 2020-07-09 16:47:28 +0000 )edit

Unfortunately they do change, it's not as if they are IANA registered, and I believe the WLAN stuff has seen some extensive changes.

Fields shouldn't change within a stable release, e.g. 3.2.x, but could change on the next major version, e.g. 3.4.x.

In a "mission critical" environment I would hope that all the tools, Wireshark, associated scripts etc. are version controlled, elsewhere any breakage would be adapted to.

grahamb gravatar imagegrahamb ( 2020-07-09 17:12:47 +0000 )edit

In the WLAN case it is necessary sometimes to upgrade wireshark to support newer specs, which can break older scripts.

Anyway, it seems like having multiple major versions installed might work.

Avi gravatar imageAvi ( 2020-07-09 17:19:11 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2020-07-09 16:24:01 +0000

Seen: 279 times

Last updated: Jul 09 '20