|author||Dirk Jagdmann <email@example.com>||2016-09-22 23:32:53 -0700|
|committer||Anders Broman <firstname.lastname@example.org>||2016-09-24 05:42:11 +0000|
update description of PDML file format by updating URLs to external documentation. Also mention the pdml2html.xsl file.
Change-Id: I44894f52771939bf9f861abf19bcb8bc589e37eb Reviewed-on: https://code.wireshark.org/review/17894 Reviewed-by: Anders Broman <email@example.com>
Diffstat (limited to 'doc/README.xml-output')
1 files changed, 22 insertions, 10 deletions
diff --git a/doc/README.xml-output b/doc/README.xml-output
index a2818c0..31fd6e2 100644
@@ -2,25 +2,32 @@ Protocol Dissection in XML Format
Copyright (c) 2003 by Gilbert Ramirez <firstname.lastname@example.org>
Wireshark has the ability to export its protocol dissection in an
-XML format, tshark has similar functionality by using the "-Tpdml"
+XML format, tshark has similar functionality by using the "-Tpdml"
The XML that wireshark produces follows the Packet Details Markup
Language (PDML) specified by the group at the Politecnico Di Torino
-working on Analyzer. The specification can be found at:
+working on Analyzer. The specification was found at:
-That URL is not functioning any more, but a copy can be found at:
+That URL is not working any more, but a copy can be found at:
+or at the internet archive:
+This is similar to the NetPDL language specification:
A related XML format, the Packet Summary Markup Language (PSML), is
also defined by the Analyzer group to provide packet summary information.
The PSML format is not documented in a publicly-available HTML document,
-but its format is simple. Wireshark can export this format too. Some day it
+but its format is simple. Wireshark can export this format too. Some day it
may be added to tshark so that "-Tpsml" would produce PSML.
One wonders if the "-T" option should read "-Txml" instead of "-Tpdml"
@@ -32,7 +39,7 @@ PDML
The PDML that wireshark produces is known not to be loadable into Analyzer.
It causes Analyzer to crash. As such, the PDML that wireshark produces
-is be labeled with a version number of "0", which means that the PDML does
+is labeled with a version number of "0", which means that the PDML does
not fully follow the PDML spec. Furthermore, a creator attribute in the
"<pdml>" tag gives the version number of wireshark/tshark that produced the PDML.
In that way, as the PDML produced by wireshark matures, but still does not
@@ -136,8 +143,6 @@ In PDML, the "Data" protocol would become another field under HTTP:
This is a python module which provides some infrastructure for
@@ -203,10 +208,17 @@ the PDML output of tshark, pass a read filter with "-R" to tshark to
try to reduce as much as possible the number of packets coming out of tshark.
The less your script has to process, the faster it will be.
-'tools/msnchat' is a sample Python program that uses WiresharkXML to parse
+tools/msnchat is a sample Python program that uses WiresharkXML to parse
PDML. Given one or more capture files, it runs tshark on each of them,
providing a read filter to reduce tshark's output. It finds MSN Chat
conversations in the capture file and produces nice HTML showing the
conversations. It has only been tested with capture files containing
non-simultaneous chat sessions, but was written to more-or-less handle any
number of simultaneous chat sessions.
+pdml2html.xsl is a XSLT file to convert PDML files into HTML.
+See https://wiki.wireshark.org/PDML for more details.