Dissector for the USB Integrated Circuit Card Interface Device Class (CCID)
I've implemented a reasonable subset of a dissector for the USB CCID specification (as described at http://www.usb.org/developers/devclass_docs/DWG_Smart-Card_CCID_Rev110.pdf), during the course of experimenting with an ACS ACR122U ISO 14443 card reader and MiFare tokens.
It currently identifies all of the message types listed in that specification,ng.
From me:
* Fix Clang Warning
* Remove trailing whitespace from lines
* Fix Checkhf (Remove a unused entry)
* Added packet-rfid-mifare to Makefile.common and CMakeLists.txt
svn path=/trunk/; revision=39750
Dissector for the NXP MiFare Protocol
I've just finished writing a dissector for the NXP-proprietary MiFare Protocol, as used alongside ISO 14443-A by a popular range of contactless (not-so-smart) cards, and various emulations, variants and clones thereof.
It currently supports all of the commands listed in http://www.nxp.com/documents/data_sheet/MF1S703x.pdf that also happen to be supported by LibNFC (http://code.google.com/p/libnfc/) - modulo the "NAK" and CRC bytes, since I haven't found examples of their usage in my USB traces, and I didn't want to hand-craft (probably incorrect) examples for testing.
From me:
* Fix Clang Warning
* Remove trailing whitespace from lines;
* Added packet-rfid-mifare to Makefile.common and CMakeLists.txt
* Add Modelines information
svn path=/trunk/; revision=39746
Dissector for HSR and PRP-1
Here is a patch that adds a dissector for HSR and for PRP-1. Both protocols are defined in IEC62439 Part 3. (High-availability Seamless Redundancy / Parallel Redundancy Protocol)
The existing PRP dissector has been refactored to support both the old PRP (now called PRP-0) and the new PRP-1.
There are three distinct dissectors:
- HSR (ethertype 892F)
- HSR/PRP supervision (ethertype 88FB)
- PRP-0 and PRP-1 (trailer dissector; disabled by default)
From me :
* Fix Clang Warning
* Add modification for CMakeLists.txt
svn path=/trunk/; revision=39692
Enhance Universal Alcatel Protocol
Several fixes and heuristic version. You can also specify the ports (as in the previous version), if the heuristic version is not working properly.
svn path=/trunk/; revision=39691
BitTorrent DHT dissector for wireshark
From me :
* Fix encoding attribut for proto_tree_add_item (with fix-encodings-args script)
svn path=/trunk/; revision=39653
dissector for HDCP (High bandwidth Digital Content Protection)
HDCP can run on top of TCP, there's no fixed port number assigned. I created a heuristic dissector that's disabled by default and can be enabled by setting a preference (similar to the hilscher dissector). The idea behind this is that some HDCP messages are hard to recognize (e.g. one byte message id + 8 random bytes). Having the dissector enabled at all times may generate false positives.
svn path=/trunk/; revision=39480
New Protocol Submission for MVRP (Multiple VLAN Registration Protocol)
New dissector submission for Multiple VLAN Registration Protocol (MVRP) defined in 802.1ak Standard, section 11. MVRP is used to to dynamically create and update Dynamic VLAN Registration Entries.
From me :
* Fix error from fix-encodings-args script
* Add Modeline information
* Added packet-mrp-mvrp.c to CMakeLists.txt
svn path=/trunk/; revision=39477
Add dissector for public protocol Flight Message Transfer Protocol (FMTP)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6433
- Modified and moved col_add_fstr outside of if(tree)
- call data dissector for data
- use ENC_BIG_ENDIAN
- minor cleanups
svn path=/trunk/; revision=39403
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5929
From me:
packet-cipmotion.c:
FT_BOOLEAN fields with bitmasks need a bit-fieldwidth in the hf[] entry 'display' field;
Define attribute_size as guint32 since it has to store guint8*guint16;
Use ENC_NA as encoding arg in proto_tree_add_item() for FT_BYTES field types;
Remove trailing whitespace from lines;
Other minor cleanup and reformatting.
packet-enip.c:
Use ENC_NA as encoding arg in proto_tree_add_item() for FT_BYTES field types;
svn path=/trunk/; revision=39396
This is a dissector for the BRP (Bandwidth Reservation Protocol). This protocol
is used by various telecommunications vendors to establish VoD (Video
On-Demand) sessions between a STB (Set Top Box) at the customer's home and the
VoD server at the video head-end.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6428
- Changed hf blurbs to NULL
- Used dissector_add_handle() as the proposed port is registered to a different protocol.
svn path=/trunk/; revision=39254
New dissectors: (UA) Universal Alcatel Protocol and transport UAUDP
From me :
* Prefer proto_tree_add_item (when is possible)
* Use 4-space indenting
* Add Modeline information
* Fix Clang Warning
svn path=/trunk/; revision=39167
Add dissector for XMCP protocol.
From me:
- Fixed an obvious bug setting transaction_id_key[2].key = NULL,
where transaction_id_key is defined with only 2 elements.
- Only register heur_dissector once.
- Only find media_type_dissector_table once.
- Added packet-xmcp.c to CMakeLists.txt
svn path=/trunk/; revision=39131
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
svn path=/trunk/; revision=39066
Vuze, called Azureus before, is a great BT client and has a lot of users,
while its DHT implementation is different from the official one.
From me: New-style dissectors are supposed to to always return
"bytes dissected" (not just when tree != NULL);
svn path=/trunk/; revision=37755
Attached is a dissector for CN/IP protocol described in EIA-852. It is mainly
used to encapsulate and send Lontalk (EIA-709.1) or EIA-600 frames over UDP (or
TCP).
This dissector can only decode the common header and data frames can be decoded
by further dissectors.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5907
svn path=/trunk/; revision=37596
The two patches attached allow the dissection of the Homeplug AV Ethernet MAC
management frames between a controlling device and a Homeplug AV Ethernet to
PLC adapter. This protocol is pretty similar to the previous generation
Homeplug protocol (dissected by packet-homeplug.c) but a couple of noticeable
differences make it require its own dissector handler.
This dissector is based on the work done by Nicolas Thill, Xavier Carcelle and
myself in the Faifa project (https://dev.open-plc.org).
The dissector handles the standard Homeplug AV Ethernet MAC management frames
(called public) as well as the Intellon specific management frames (vendor).
From me:
Remove unnecessary global variables.
Add to COL_INFO even when !tree.
Remove gotos.
Remove unnecessary includes.
svn path=/trunk/; revision=37403
The Locator/ID Separation Protocol [1] is being standardized within the IETF,
and it is nearing RFC status (pending security review). I have been maintaining
a dissector patch for about a year, see [2]. Feedback received indicates that,
among others, it is widely used by the developers of a large router vendor,
without issues.
In January I submitted the dissector for data plane packets as bug #5602, which
was committed as r35615. The patch attached to this bug adds support for
dissection of control plane packets.
[1] http://tools.ietf.org/html/draft-ietf-lisp
[2] http://lisp.ccaba.upc.edu/wireshark/
svn path=/trunk/; revision=36845
A new dissector for uTorrent Transport Protocol
From me :
* Add link to spec BEP-0029
* Add note about type/version
* Rework extensions loop
* Use 2-space indenting
svn path=/trunk/; revision=36715