Network Monitor displays protocol information for network administrators to use when viewing network traffic and troubleshooting problems. By writing custom protocol parsers, you can extend the set of protocols for which information is displayed in Network Monitor.
Protocol parsers read through raw network frames (packets of network data), locating specific protocol headers within the data stream, attaching descriptions (properties) to each of the header's fields, and identifying those properties to the Network Monitor kernel. Network Monitor then displays the captured data and the properties attached by the parser, to help the network administrator understand the data. Note that you must not use any threads, or APIs that will not run on Microsoft® Win32s®, in your parser.
Before attaching properties to the raw data, a parser must first register all possible properties with the Network Monitor kernel. The parser tells the kernel to create a property database, and then fills the property database with all of the possible properties for its protocol. Each property in the property database contains information such as a textual description, a data type and qualifier (used to format the raw data), and a formatting routine for displaying the data.
The creation of a parser is a multi-step process ranging from simple, environment-building tasks, such as setting up Microsoft® Visual C++® or the Platform SDK, to those specific to Microsoft Systems Management Server (SMS) such as editing SMS source and header files.
The following topics present an overview of the important issues you should address when developing parser DLLs to extend Network Monitor. For more information about these topics, see the Microsoft Systems Management Server documentation in the "Setup and Systems Management Services" section of the Microsoft Platform SDK.