Ask Your Question

I want to write a new dissector. Should I use the development source or the latest version source. What's the difference?

asked 2018-10-17 12:15:54 +0000

updated 2018-10-17 14:34:22 +0000

cmaynard gravatar image

I am new to working with wireshark code and am not sure why I would want to use the older version development source.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2018-10-17 12:35:03 +0000

grahamb gravatar image

Basically it depends on what you're intending to do with the dissector.

If you're keeping it private, within a company you may want to just run the stable release version.

If you're going to submit the dissector back to the Wireshark project, then as per the Wireshark Development Submitting Patches wiki page, you should base your change off master (i.e. development). Bug fixes only can be backported to the stable versions, a new dissector will only be in the development version until that's released (see the LifeCycle wiki page for more notes about releases and backports) .

edit flag offensive delete link more


Thank you for the quick response. This will be for troubleshooting equipment that uses Ethernet to communicate between the devices on a closed network. It is a locally developed protocol and would be of no value to anyone else. For that reason it will remain private.

tlofton1 gravatar imagetlofton1 ( 2018-10-17 12:40:49 +0000 )edit

Then it's up to you. If you're likely to want to maintain it in future and use with newer Wireshark versions, then probably best to start with the dev sources. The drawback of the dev sources is that things change rapidly, sometimes lots of changes in a short time so if you're tracking against master you might have more rework to do. Having said that the API that a dissector uses seems fairly stable at the moment.

grahamb gravatar imagegrahamb ( 2018-10-17 13:05:24 +0000 )edit

My own 2 cents: For internal dissectors that I maintain, I stick with the latest stable release, and then migrate to the next stable release whenever it comes out, usually once per year. There usually aren't that many changes that need to be made when migrating, and by sticking with the latest stable release, I avoid any changes occurring in development that may or possibly may not make it into the next stable release.

cmaynard gravatar imagecmaynard ( 2018-10-17 14:33:48 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2018-10-17 12:15:54 +0000

Seen: 36 times

Last updated: Oct 17