Wireshark is a very popular network traffic analyzer that supports not only many popular network protocols, but also custom protocols by adding an extension plugin called "dissector".'

Currently, Wireshark provides APIs to develop dissectors in Lua and C only. It’s a little disappointing for us Rubyists, we cannot write Ruby for developing Wireshark dissectors. So I have created an extension for Wireshark that makes it possible to easily add dissector by writing a configuration file via Ruby DSL, allowing you to analyze any protocols. It is accomplished by embedding mruby into Wireshark and wrapping Wireshark’s C API with Ruby.

This presentation will show its usage and implementation, and as an example, how to analyze dRuby (familiar to all Rubyists!) packets.