Updated README and docs

Benoit · Benoit · commit 8ff932cc4900 · 2024-03-26T22:10:48.000+01:00
diff --git a/DEVGUIDE.md b/DEVGUIDE.md
@@ -104,6 +104,19 @@ func (WiregoExample) GetDetectionHeuristicsParents() []string {
 }
 ```
 
+When using detection heuristics mode, if a packet matches the "heuristics parent" previously defined, a detection function will be called. Return true if the packet is yours and false otherwise.
+
+```golang
+func (WiregoExample) DetectionHeuristic(packetNumber int, src string, dst string, layer string, packet []byte) bool {
+	//All packets starting with 0x00 should be passed to our dissector (super advanced heuristic)
+	if len(packet) != 0 && packet[0] == 0x00 {
+		return true
+	}
+	return false
+}
+```
+
+
 The most interesting part is the DissectPacket function, where you will implement your parser:
 
 ```golang
diff --git a/README.md b/README.md
@@ -39,7 +39,8 @@ For **step 2**, you will basically just have to __import "wirego"__ and implemen
       Setup() error
       GetFields() []WiresharkField
       GetDetectionFilters() []DetectionFilterType
-    	GetDetectionHeuristicsParent() []string
+      GetDetectionHeuristicsParent() []string
+      DetectionHeuristic(packetNumber int, src string, dst string, stack string, packet []byte) bool
       DissectPacket(packetNumber int, src string, dst string, stack string, packet []byte) *DissectResult
     }
 ```
