Add new function for dissecting OP_MSG: case OP_MSG: offset = dissect_mongo_op_msg(tvb, pinfo, offset, mongo_tree); Consume bytes, and build tree with information Items, Subtrees and Bitmasks Wireshark API and tooling makes it hard to make undetected mistakes They have a nice workflow with Gerrit and code review