Some of the DCE/RPC-based dissectors are generated from the Samba4 IDL files and wireshark-specific conformance files using pidl. Pidl is a perl-based DCE/RPC IDL compiler developed for Samba 4. It has a module for generating wireshark dissectors. Pidl is licensed under the GNU GPLv3 or later.
The remainder of this file contains instructions on how to generate dissectors for wireshark using pidl.
Note: A copy of the pidl compiler and IDL files are now kept in the Wireshark source repository (SVN) and distributed as part of the Wireshark sources. See the README file in epan/dissectors/pidl
The compiler is available using Git, FTP or rsync from:
- git://git.samba.org/samba.git, the pidl/ subdirectory.
The Samba4 IDL files are available using Git, FTP or rsync from:
- git://git.samba.org/samba.git, librpc/idl subdirectory
In order for pidl to work, you will need to install yapp. On Suse and Fedora, the rpm is named perl-Parse-Yapp.
Note that installation is optional, pidl will work fine from the source directory as well.
(You will need to install ExtUtils::MakeMaker. On Fedora the rpm is named perl-ExtUtils-MakeMaker).
perl Makefile.PL && make install
pidl --ws-parser -- <idl-file>
This will generate a packet-dcerpc-<basename>.c and packet-dcerpc-<basename>.h in the current directory.
Dissectors autogenerated using pidl
Pidl is currently used for generating the dissectors for the following DCE/RPC interfaces:
NSPI Name Service Provider Interface
http://search.cpan.org/~ctrlsoft/Parse-Pidl/pidl - Pidl manpage