Hi, Pascal! Thanks a lot! I’ll start with that! I can see the comments in the code, will see if I can use those in the description for the users!
Alex > On 30 Sep 2020, at 16:35, Pascal Quantin <pas...@wireshark.org> wrote: > > Hi Alex, > > Le mar. 29 sept. 2020 à 20:14, Alex Nik <rage.iz...@gmail.com > <mailto:rage.iz...@gmail.com>> a écrit : > Hi, folks, > > I’m looking for the subject matter expert in Exporting PDUs to file and > Exporting TLS session keys to write a proper documentation. Is there anyone > who I can ask questions? I’m alexnik in the IRC. Could you contact me there > please, or answer to this mail? > > I have contributed to the PDU export functionality addition in Wireshark even > if I'm not the author. You can find some documentation in the corresponding > header file > (https://gitlab.com/wireshark/wireshark/-/blob/master/epan/exported_pdu.h > <https://gitlab.com/wireshark/wireshark/-/blob/master/epan/exported_pdu.h>) > even if it is more developer oriented than user oriented. The purpose is to > be able to save "upper level" PDUs without the need for lower level protocols > (for example to save a decrypted session without the need to share the > encryption keys). > Currently we have the following default PDU export levels: > - Logcat and Logcat text: for Android logs > - DLT User: to be able to export a protocol framed in a user data link type > table without the need to configure user DLT table again (see > https://gitlab.com/wireshark/wireshark/-/wikis/HowToDissectAnything > <https://gitlab.com/wireshark/wireshark/-/wikis/HowToDissectAnything>) > - DVB-CI: for DVB protocol > - OSI layer 3: currently used to export protocols encapsulated in IPSec or > SCTP > - OSI layer 4: currently used to export protocols encapsulated in TCP or UDP > - OSI layer 7: currently used to export the following protocols: CredSSP over > TLS, Diameter, protocols encapsulated in TLS and DTLS, H.248, Megaco, RELOAD > framing, SIP, SMPP > The framework allows any dissector to add itself to this existing list or > define a new entry in the list. The choice of the protocols using this > functionality was mostly driven by user specific needs than anything else. > > Hope this helps. Feel free to ask if you have more questions, I will try to > help. > > Best regards, > Pascal. > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe