Wireshark · Wireshark-dev: [Wireshark-dev] Export higer level PDUs, "Unbundled PDUs" decrypted PDUs etc

Wireshark-dev: [Wireshark-dev] Export higer level PDUs, "Unbundled PDUs" decrypted PDUs etc

From: Anders Broman <anders.broman@xxxxxxxxxxxx>

Date: Thu, 18 Apr 2013 08:53:40 +0000

Hi,

I think these topics in various forms has been cropping up lately, would it be possible/useful to have a generic feature to “Export” to a new file

From a dissector using a tap writing a to a generic DLT with a pseudo header containing pseudo data such as extracts from lover layers like IP port or whatever can be useful

and an Indication what the next level protocol is. As an example if I have decrypted and reassembled SIP traffic it could be useful to be able to export that to a new file

Just containing the SIP traffic and the IP port combination used. The header would then Indicate the protocol as SIP and the meta data would be of type TLV and added to as

Needs arises. Just a rough idea…

Regards

Anders

Follow-Ups:
- Re: [Wireshark-dev] Export higer level PDUs, "Unbundled PDUs" decrypted PDUs etc
  - From: vineeth vijay

Prev by Date: Re: [Wireshark-dev] [GSoC] Packet Editor and Viewer
Next by Date: [Wireshark-dev] Need help for getting started
Previous by thread: Re: [Wireshark-dev] epan_base64_decode(): failure when string contains a NUL character
Next by thread: Re: [Wireshark-dev] Export higer level PDUs, "Unbundled PDUs" decrypted PDUs etc
Index(es):
- Date
- Thread