Write a Wireshark Dissector! Then Dream Bigger.
Track two is in Jupiter Original
On two recent projects, I found myself spending hours grepping through logs and unpacking hexdumps by hand. Periodically, I advanced to the point of writing small Python scripts to parse through logs for me and query on events that I cared about, but the scripts got out of hand pretty quickly, especially as I built so many different variants for different bugs I was hunting. One day, I realized there was a tool out there that could help me explore traces, if only I could convince it to read them!
You might know Wireshark as a network capture tool, but the reality is that it has a rich dissector engine that can decode many different protocols, and you can extend it by writing Lua scripts. The secret is that you don’t have to be limited by protocols that exist on IP networks: you can hand it your own!
In this talk, I’ll cover the mechanics of getting started writing a dissector. I’ll give three examples of using Wireshark in real debugging scenarios at my desk, how it helped me, and where I ran into its limitations. Finally, I’ll conclude by briefly inviting you to dream a little bigger about what time-series debugging could be: are there other tools that a better UI designer than I could come up with?
About the Speaker
Joshua Wise is a computer engineer with a deep background in digital hardware design, embedded software, and systems architecture. He finds it deeply enjoyable to learn the right way to do things not only by direct experience, but also to learn the right ways to do things by process of elimination of the wrong ways to do things. Professionally, he previously spent seven years building camera image signal processing systems at NVIDIA and now is available to help make your embedded hardware goals real through his consultancy, Accelerated Tech.
