Wireshark-bugs: [Wireshark-bugs] [Bug 12906] New: HL7 protocol support
Date: Fri, 16 Sep 2016 07:55:17 +0000
Bug ID 12906
Summary HL7 protocol support
Product Wireshark
Version Git
Hardware All
OS All
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter francesco.fondelli@gmail.com

Created attachment 14922 [details]
synthetic HL7 messages

Build Information:
Wireshark 2.3.0 (v2.3.0rc0-689-gc5a477e from master)

Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.13.1, with Pango 1.36.3, with
libpcap, without POSIX capabilities, without libnl, with GLib 2.40.2, with zlib
1.2.8, without SMI, without c-ares, without Lua, without GnuTLS, without
Gcrypt,
without Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 3.13.0-46-generic, with locale LC_CTYPE=en_US.UTF-8,
LC_NUMERIC=it_IT.UTF-8, LC_TIME=it_IT.UTF-8, LC_COLLATE=en_US.UTF-8,
LC_MONETARY=it_IT.UTF-8, LC_MESSAGES=en_US.UTF-8, LC_PAPER=it_IT.UTF-8,
LC_NAME=it_IT.UTF-8, LC_ADDRESS=it_IT.UTF-8, LC_TELEPHONE=it_IT.UTF-8,
LC_MEASUREMENT=it_IT.UTF-8, LC_IDENTIFICATION=it_IT.UTF-8, with libpcap version
1.5.3, with zlib 1.2.8.
       Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz

Built using gcc 4.8.2.

--
Hi,

This dissector adds support for HL7 (Health Level 7) version 2. The dissector
is not full-fledged but is a solid base. Users can easily search for text in
data fields with display filters, e.g.

Show me all "Admission, Discharge, Transfer" messages triggered by "Admit/visit
notification" event that contain "Back pain"

hl7.message.type matches "ADT" and hl7.event.type matches "A01" and hl7.field contains "Back pain"

The heuristic logic assumes the most common (my speculation) HL7 transport (LLP
over TCP).

https://code.wireshark.org/review/#/c/17725/

fuzz-tested

thank you
ciao
fra
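
An added example, not part of the original report and not the submitted dissector's code: a bounds-checked sketch of the kind of LLP-over-TCP heuristic the message describes, plus extraction of the MSH-9 message type and trigger event that the `hl7.message.type` / `hl7.event.type` filters match on. The function names and the sample message are hypothetical; the framing bytes (0x0b start block, 0x1c 0x0d trailer) are the standard LLP ones.

```c
#include <stdio.h>
#include <string.h>

#define LLP_SB 0x0b /* start block */
#define LLP_EB 0x1c /* end block */
#define LLP_CR 0x0d /* follows end block; also the HL7 segment terminator */

/* Constructed sample: one LLP-framed ADT^A01 message (not from the attachment). */
static const unsigned char SAMPLE[] =
    "\x0bMSH|^~\\&|APP|FAC|RAPP|RFAC|20160916075517||ADT^A01|MSG1|P|2.3\r\x1c\r";

/* Heuristic: SB, then "MSH", and an EB CR trailer at the end of the buffer. */
int llp_looks_like_hl7(const unsigned char *buf, size_t len)
{
    if (buf == NULL || len < 8) return 0; /* SB MSH fs cs EB CR */
    if (buf[0] != LLP_SB || memcmp(buf + 1, "MSH", 3) != 0) return 0;
    return buf[len - 2] == LLP_EB && buf[len - 1] == LLP_CR;
}

/* Copy MSH-9.1 (message type) and MSH-9.2 (trigger event); 0 on success. */
int hl7_msg_type(const unsigned char *buf, size_t len,
                 char *type, char *event, size_t cap)
{
    if (cap == 0 || !llp_looks_like_hl7(buf, len)) return -1;
    unsigned char fs = buf[4], cs = buf[5]; /* separators declared by MSH itself */
    size_t end = len - 2, i = 5, field = 2, n = 0;
    char *out = type;
    type[0] = event[0] = '\0';
    for (; i < end && field < 9; i++) {     /* walk to the first byte of MSH-9 */
        if (buf[i] == LLP_CR) return -1;    /* MSH segment ended early */
        if (buf[i] == fs) field++;
    }
    if (field != 9) return -1;
    for (; i < end && buf[i] != fs && buf[i] != LLP_CR; i++) {
        if (buf[i] == cs) {
            if (out == event) break;        /* ignore MSH-9.3 and beyond */
            out = event; n = 0;
        } else if (n + 1 < cap) {           /* truncate rather than overflow */
            out[n++] = (char)buf[i]; out[n] = '\0';
        }
    }
    return type[0] ? 0 : -1;
}

int main(void)
{
    char type[8], event[8];
    if (hl7_msg_type(SAMPLE, sizeof SAMPLE - 1, type, event, sizeof type) == 0)
        printf("type=%s event=%s\n", type, event);
    return 0;
}
```

The sketch assumes one complete message per buffer; a TCP dissector would also have to handle messages split across segments before applying the trailer check.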

