Ask Your Question

About using Dissectors in other applications

asked 2019-04-11 01:56:50 +0000

Guin gravatar image

I am developing a device with the same functionality as IPS. So I'm implementing the function to filter packets using Netfilter's NFQueue. I have received the packet through the NFQueue and have confirmed that the received packet operates normally for functions such as modulation, delay, drop, etc. However, I am worried about implementing packet filtering function in Application Layer. It should basically be able to filter GOOSE and MMS Protocol at the user level. However, the MMS Protocol is complex. So I would like to refer to Wireshark's Dissector Library. I can receive the entire packet data, including the Ethernet frame, in binary format. I want to divide the MMS and GOOSE packets into protocol layers by referring to this binary data and the Wireshark Library. Is this possible?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-04-11 08:52:02 +0000

grahamb gravatar image

Others have done so, although with difficulty as the Wireshark dissector library isn't designed to be a general purpose dissection engine, rather it's the dissection engine for the Wireshark suite of tools.

You should also note the licence for the Wireshark code, which is GPL 2.0.

edit flag offensive delete link more


Thanks to your help.

Guin gravatar imageGuin ( 2019-04-12 00:23:51 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2019-04-11 01:56:50 +0000

Seen: 113 times

Last updated: Apr 11 '19