Initial Sysdig syscall (event) support.

Add a dissector for reading Sysdig event blocks. It only handles plain
events but it's usable for reading trace files on hand here.

Use a script to generate various parts of the dissector. As an experiment,
update parts in-place instead of using a template.

Ultimately there should probably be a top-level "Syscall" or "Event"
dissector alongside the "Frame" dissector, which could then call this.
You could then directly compare an executable's system calls alongside
its network traffic.

For now leverage the pcapng_block dissector and keep everything under
"Frame".

Next steps:
- Items listed at the top of packet-sysdig-event.c.

Change-Id: I17077e8d7f40d10a946d61189ebc077d81c4da37
Reviewed-on: https://code.wireshark.org/review/11103
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
(cherry picked from commit 0d497e812508b3d71716618e39647a107c206b1d)
Reviewed-on: https://code.wireshark.org/review/11702

1 files changed, 1 insertions, 0 deletions

diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc
index db85cc11e5..ae4c2f9dcc 100644
--- a/docbook/release-notes.asciidoc
+++ b/docbook/release-notes.asciidoc
@@ -345,6 +345,7 @@ S7 Communication
 Secure Socket Tunnel Protocol (SSTP)
 Shared Memory Communications - RDMA (SMCR)
 Stateless Transport Tunneling
+Sysdig system call events
 TCP based Robot Operating System protocol (TCPROS)
 Thrift
 Time Division Multiplexing over Packet Network (TDMoP)