Wireshark · Wireshark-dev: Re: [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissector)

Wireshark-dev: Re: [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissecto

Date: Tue, 24 Apr 2012 09:39:25 +0300

On Fri, Apr 20, 2012 at 6:08 PM, Niels de Vos <ndevos@xxxxxxxxxx> wrote:

Hi all,

Bug 5773 was opened as an RFE for implementing a dissector for Gluster. The Gluster 'protocol' consists out of several RPC-programs, each with their own set of procedures.

There are some questions I would like to ask:

1)
I am not sure what the best practice is to group these related RPC-programs. At the moment, I have a packet-gluster.c file (and a header) that registers proto_gluster with proto_register_protocol().

Each dissector for an RPC-program registers its header-field-array with this proto_gluster handle. Some of the RPC-programs have their own file, to the proto_gluster handle is made non-static and exported in the packet-gluster.h file.

Is this something that I should rather not do, and create complete separate dissectors for each RPC-program? There are some header-fields that are the same for several RPC-programs, should these just be duplicated? (Currently these are non-static as well, and listed in the header file too.)

You can have a packet-gluster-common.{c|h} file(s).

If I can keep using this structure, how can I guarantee that the proto_gluster handle has been initialized when other dissectors try to use it with proto_register_field_array()?

2)
The Gluster protocols use RPC-credentials with number 5. This number is currently not dissected in packet-rpc.c, but I also doubt IANA assigned this number to the Gluster protocols. What would be the best way to add an implementation to dissect the credentials in the RPC-header?

a) just dissect any number 5 flavour as Gluster-credentials

Google around to see if others may have (ab)used this number as well. If not, I'd just dissect it as Gluster's - with a comment in the code explaining it is non registered to Gluster (and worth shooting an email to the gluster dev list asking if they intend to register it).

b) add a preference-option to the RPC-dissector
c) detect the credential-flavour based on flavour+program number
d) something else, please specify

That's it for now. I'm happy to provide more details if that would clarify my questions.

Many thanks,
Niels
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe

Follow-Ups:
- Re: [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissector)
  - From: Niels de Vos

References:
- [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissector)
  - From: Niels de Vos

Prev by Date: Re: [Wireshark-dev] Wireshark 1.6.x requires GLib 2.10 or later, but the configure script doesn't check for that
Next by Date: Re: [Wireshark-dev] Capturing CAN packets
Previous by thread: [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissector)
Next by thread: Re: [Wireshark-dev] Some questions on RPC dissectors (for a new Gluster dissector)
Index(es):
- Date
- Thread