How do I add a custom protocol to OmniPeek?
- Exit OmniPeek.
- First, make a backup copy of the pspecs.xml file. OmniPeek will not load if the pspecs.xml file is missing or corrupted.
Note: By default the pspecs.xml file is located in "C:Program FilesWildPacketsOmniPeek1033" for the English-localized version. For other languages, the final subdirectory ("1033") will be equal to the language code for the OmniPeek's localized language.
- Open the pspecs.xml file in your favorite text or XML editor.
Note: Please make sure you add the protocols in the right section (TCP/UDP) and that the higher port numbers go further down in the file.
- Create a new entry (see example below).
MyProtocol - Long Name
MyProtocol - Short Name
This is my protocol.
The PSpecID is a numerical identifier for the protocol. It must be unique-that is, no two protocols are allowed to have the same PSpecID. You must choose a PSpecID that is not used anywhere else in the file.
The tag will define a port number. The example is using port number 1234. You can add additional ports by adding additional tags. See example below.
The PSpec Name will be displayed in the Protocol column of the Packets tab.
The LName will be displayed in the Protocol Info dialog box (accessed by right-clicking the protocol and choosing Protocol Info).
The SName will be displayed in the Protocol statistics.
The Desc will be displayed in the Protocol Info box (Desc is optional. You can delete it if you don't want to write a description for your protocol).
Color will be the color used for the protocol. Colors are defined at the beginning of the document. Color is optional. You can delete it and OmniPeek will choose a color for the protocol.
CondSwitch tells OmniPeek how to recognize the protocol. For now, all you have to do is edit the "SrcPort ==" and "DestPort ==" entries to contain the port number that your protocol uses. These two entries should be the same.
For more information on ProtoSpecs, please log into MyPeek and under the Resources section go to Developer Documentation and take a look at the ProtoSpecs XML Writing Guidelines.
Back to the top