How do I add support for a new protocol to Wireshark?

pyrodigy
1 ●1

Guy Harris
19905 ●3 ●677 ●207

Hello wireshark community, We are a hardware developer and we have created a simple UDP Ethernet protocol to stream with our own devices.

And It would be great to publish it on Wireshark.

I have a few questions:

Does the protocol have to be a standard? Is there a specification like port number, header count, etc..? Lets say We would like use UDP port: 7256 and our main header 20 byte long.
What do I need to do to publish and support it in Wireshark?

Thank you for your answers.

13782 ●720 ●115

To answer your questions:

No, any protocol may be included if there's an interest to doing so
To get a dissector (written in C) included, you would have to create a Merge Request on the GitLab Wireshark repository.

But there are a few other questions you may want to consider, among which.

Do you want to create a dissector written in C, to be included in the Wireshark repository and be 'fixed' in a stable release, or you want to create a dissector written in Lua, which you maintain and distribute yourself? The first gives wider reach, but less flexibility, the later vice versa.

Go through the Developer's Guide and doc/README.dissector, and take inspiration from the other dissectors that are already build in.

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

1 Answer