Wireshark-dev: Re: [Wireshark-dev] New dissector for RTMPT
metatech wrote:
Hello,
Here is a dissector for the Real Time Messaging Protocol which is used
by the Flash plug-in for the live video streaming with the Adobe Flash
Communication Server.
As a dissector for another protocol named "RTMP" already exists in
Wireshark (AppleTalk protocol) , I took an alternate name for mine (RTMPT).
Since the protocol does not have "magic" words but rather has "magic"
offsets, I added a field in the private_data passed by the TCP dissector
for the "ack" sequence number.
The RTMP protocol has been extensively reverse engineered by the Red5
project but this dissector only has a basic subset of the protocol.
The patch is generated against trunk version of today with the diff
command.
I have uploaded in the Wiki a sample of an RTMP conversation
(http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=rtmp_sample.tgz)
and I ran more than 1100 runs of fuzz testing.
Please commit it.
The new process is to open an enhancement bug and attach your patch/new
dissector there (setting the "review_for_checkin" flag to "?"). This
way it's sure your patch won't get lost.
