[sldev] [VWR] Wireshark disector for SL protocol

[Aidan Thornton]

On Wed, Feb 27, 2008 at 1:23 PM, Lawson English <lenglish5 at cox.net> wrote:
> Robin Cornelius wrote:
>  > On Sun, Feb 24, 2008 at 9:42 AM, Robin Cornelius
>  > <robin.cornelius at gmail.com> wrote:
>  >
>  >
>  >>  I find wireshark a useful network debugging tool, if i was to use libsl
>  >>  then i would have to do additional coding where as i just need to write
>  >>  a parser to plugin to wireshark and all the packet
>  >>  capture,logging,display etc is done for me.
>  >>
>  >
>  > Ok, i've mostly got working code together now, its sitting at
>  > svn://slupdate.byteme.org.uk/wireshark/plugins/secondlife  (check out
>  > with svn)
>  >
>  > It seems to basically work and decodes packets ok but currently does
>  > not handle zero encoded packets yet. The message template parser is as
>  > "rough as rats" but seems to work. In fact the whole thing is a bit
>  > rough but it basically does what i wanted it for.
>  >
>  >
>  Zero decode is strange because you have to decode the packet ID before
>  you can determine how long the packet is in order to decode the rest of
>  the packet (appended acks are not encoded).

Hi,

IIRC, that's not true. If the packet has appended acks (the flag
indicating this isn't zero-encoded) then the last byte of the packet
gives the total number of appended acks. You then just have to remove
the appropriate length of data from the end of the packet before
zero-decoding it.

Aidan