hello Yodoloi,
I didn't recall the deflate option used at the beginning of the handshake by the time I wrote this post. What I did is that I used the Limewire source and modified the source for it to send everything not compressed.
I was lazy enough to write the code to decompress it. A cool thing would be though if the libraries used by Wireshark (libpcap or winpcap) had the option of decompressing the payload of a packet, like you said. That would save a lot. And it doesn't sound unreasonable. I actually wrote a program to detect gnutella traffic. I will try to find something like that and post it here.
Mike