Bug ID |
12906
|
Summary |
HL7 protocol support
|
Product |
Wireshark
|
Version |
Git
|
Hardware |
All
|
OS |
All
|
Status |
UNCONFIRMED
|
Severity |
Normal
|
Priority |
Low
|
Component |
Dissection engine (libwireshark)
|
Assignee |
bugzilla-admin@wireshark.org
|
Reporter |
francesco.fondelli@gmail.com
|
Created attachment 14922 [details]
synthetic HL7 messages
Build Information:
Wireshark 2.3.0 (v2.3.0rc0-689-gc5a477e from master)
Copyright 1998-2016 Gerald Combs <gerald@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.13.1, with Pango 1.36.3, with
libpcap, without POSIX capabilities, without libnl, with GLib 2.40.2, with zlib
1.2.8, without SMI, without c-ares, without Lua, without GnuTLS, without
Gcrypt,
without Kerberos, without GeoIP, without PortAudio, without AirPcap.
Running on Linux 3.13.0-46-generic, with locale LC_CTYPE=en_US.UTF-8,
LC_NUMERIC=it_IT.UTF-8, LC_TIME=it_IT.UTF-8, LC_COLLATE=en_US.UTF-8,
LC_MONETARY=it_IT.UTF-8, LC_MESSAGES=en_US.UTF-8, LC_PAPER=it_IT.UTF-8,
LC_NAME=it_IT.UTF-8, LC_ADDRESS=it_IT.UTF-8, LC_TELEPHONE=it_IT.UTF-8,
LC_MEASUREMENT=it_IT.UTF-8, LC_IDENTIFICATION=it_IT.UTF-8, with libpcap version
1.5.3, with zlib 1.2.8.
Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Built using gcc 4.8.2.
--
Hi,
This dissector adds support for HL7 (Health Level 7) version 2. The dissector
is not full-fledged but is a solid base. Users can easily search for text in
data fields with display filters, e.g.
Show me all "Admission, Discharge, Transfer" messages triggered by "Admit/visit
notification" event that contain "Back pain"
hl7.message.type matches "ADT" and hl7.event.type matches "A01" and hl7.field
contains "Back pain"
The heuristic logic assumes the most common (my speculation) HL7 transport (LLP
over TCP).
https://code.wireshark.org/review/#/c/17725/
fuzz-tested
thank you
ciao
fra
You are receiving this mail because:
- You are watching all bug changes.