Some of the DCE/RPC-based dissectors are generated from the Samba4 IDL files and wireshark-specific conformance files using pidl. Pidl is a perl-based DCE/RPC IDL compiler developed for Samba 4. It has a module for generating wireshark dissectors. Pidl is licensed under the GNU GPLv3 or later.

The remainder of this file contains instructions on how to generate dissectors for wireshark using pidl.

Patches to pidl and the IDL files should be sent to samba-technical@samba.org Corrections to the conformance files should go to the wireshark development team at wireshark-dev@wireshark.org .

Obtaining

Note: A copy of the pidl compiler and IDL files are now kept in the Wireshark source repository (SVN) and distributed as part of the Wireshark sources. See the README file in epan/dissectors/pidl

The compiler is available using Git, FTP or rsync from:

Git:

FTP:

rsync:

IDL Files

The Samba4 IDL files are available using Git, FTP or rsync from:

SVN:

FTP:

rsync:

Other requirements

In order for pidl to work, you will need to install yapp. On Suse and Fedora, the rpm is named perl-Parse-Yapp.

Installing pidl

Note that installation is optional, pidl will work fine from the source directory as well.

Run:

(You will need to install ExtUtils::MakeMaker. On Fedora the rpm is named perl-ExtUtils-MakeMaker).

perl Makefile.PL && make install

to install

Running pidl

Run:

pidl --ws-parser -- <idl-file>

This will generate a packet-dcerpc-<basename>.c and packet-dcerpc-<basename>.h in the current directory.

Dissectors autogenerated using pidl

Pidl is currently used for generating the dissectors for the following DCE/RPC interfaces:

References

http://search.cpan.org/~ctrlsoft/Parse-Pidl/pidl - Pidl manpage

Pidl (last edited 2010-12-30 03:02:04 by GuyHarris)