by marshray 5236 days ago
Isn't Wireshark extensible in Lua?

I can see both sides of the argument here, but basing a protocol on text just for the ease of eyeballing it on-the-wire seems like optimizing for the uncommon case.

Heck, almost any decent protocol should only have ciphertext on-the-wire anyway.

1 comments

That's more or less like saying "well they can just write the decode". They're network administrators. If you use an ASCII protocol, they don't have to do anything.

I'm saying someone can write the decode and share it on their blog post or GitHub and your admin can start using it without having to recompile Wireshark. (I think, haven't actually tried it myself).

But even still, this only matters if:

A. The protocol is so new that Wireshark isn't shipping a parser,

B. the admin's stuff isn't working,

C. the admin can't get his stuff working by normal troubleshooting and must resort to observing the protocol,

D. the admin can't get his stuff working by observing the binary representation of the protocol, and

E. the admin actually can get his stuff working with a transliterated ASCII representation of the protocol.

Certainly I would probably find it easier to troubleshoot a text-based protocol too. I just think it's a relatively minor case in the grand scheme of things.