Add initial wireshark lua dissector for rcapi protocol
Just put rcapi.lua (or a symlink to it) into ~/.local/lib/wireshark/plugins/ and you get basic rcapi dissection capability
This commit is contained in:
parent
04af6074f5
commit
987ac49249
|
|
@ -0,0 +1,124 @@
|
|||
|
||||
rcapi_protocol = Proto("rcapi", "Remote CAPI protocol")
|
||||
|
||||
-- table from libcapi20/capicmd.h
|
||||
local command_ids = {
|
||||
[0xf2ff] = "RCAPI_REGISTER_REQ",
|
||||
[0xf3ff] = "RCAPI_REGISTER_CONF",
|
||||
[0xfaff] = "RCAPI_GET_MANUFACTURER_REQ",
|
||||
[0xfbff] = "RCAPI_GET_MANUFACTURER_CONF",
|
||||
[0xfcff] = "RCAPI_GET_VERSION_REQ",
|
||||
[0xfdff] = "RCAPI_GET_VERSION_CONF",
|
||||
[0xfeff] = "RCAPI_GET_SERIAL_NUMBER_REQ",
|
||||
[0xffff] = "RCAPI_GET_SERIAL_NUMBER_CONF",
|
||||
[0xe0ff] = "RCAPI_GET_PROFILE_REQ",
|
||||
[0xe1ff] = "RCAPI_GET_PROFILE_CONF",
|
||||
[0xff00] = "RCAPI_AUTH_USER_REQ",
|
||||
[0xff01] = "RCAPI_AUTH_USER_CONF",
|
||||
|
||||
[0x8080] = "CAPI_FACILITY_REQ",
|
||||
[0x8081] = "CAPI_FACILITY_CONF",
|
||||
[0x8082] = "CAPI_FACILITY_IND",
|
||||
[0x8083] = "CAPI_FACILITY_RESP",
|
||||
|
||||
[0x0180] = "CAPI_ALERT_REQ",
|
||||
[0x0181] = "CAPI_ALERT_CONF",
|
||||
|
||||
[0x0280] = "CAPI_CONNECT_REQ",
|
||||
[0x0281] = "CAPI_CONNECT_CONF",
|
||||
[0x0282] = "CAPI_CONNECT_IND",
|
||||
[0x0283] = "CAPI_CONNECT_RESP",
|
||||
|
||||
[0x8280] = "CAPI_CONNECT_B3_REQ",
|
||||
[0x8281] = "CAPI_CONNECT_B3_CONF",
|
||||
[0x8282] = "CAPI_CONNECT_B3_IND",
|
||||
[0x8283] = "CAPI_CONNECT_B3_RESP",
|
||||
|
||||
[0x0380] = "CAPI_CONNECT_ACTIVE_REQ",
|
||||
[0x0381] = "CAPI_CONNECT_ACTIVE_CONF",
|
||||
[0x0382] = "CAPI_CONNECT_ACTIVE_IND",
|
||||
[0x0383] = "CAPI_CONNECT_ACTIVE_RESP",
|
||||
|
||||
[0x8380] = "CAPI_CONNECT_B3_ACTIVE_REQ",
|
||||
[0x8381] = "CAPI_CONNECT_B3_ACTIVE_CONF",
|
||||
[0x8382] = "CAPI_CONNECT_B3_ACTIVE_IND",
|
||||
[0x8383] = "CAPI_CONNECT_B3_ACTIVE_RESP",
|
||||
|
||||
[0x0480] = "CAPI_DISCONNECT_REQ",
|
||||
[0x0481] = "CAPI_DISCONNECT_CONF",
|
||||
[0x0482] = "CAPI_DISCONNECT_IND",
|
||||
[0x0483] = "CAPI_DISCONNECT_RESP",
|
||||
|
||||
[0x8480] = "CAPI_DISCONNECT_B3_REQ",
|
||||
[0x8481] = "CAPI_DISCONNECT_B3_CONF",
|
||||
[0x8482] = "CAPI_DISCONNECT_B3_IND",
|
||||
[0x8483] = "CAPI_DISCONNECT_B3_RESP",
|
||||
|
||||
[0x0580] = "CAPI_LISTEN_REQ",
|
||||
[0x0581] = "CAPI_LISTEN_CONF",
|
||||
|
||||
[0x8680] = "CAPI_DATA_B3_REQ",
|
||||
[0x8681] = "CAPI_DATA_B3_CONF",
|
||||
[0x8682] = "CAPI_DATA_B3_IND",
|
||||
[0x8683] = "CAPI_DATA_B3_RESP",
|
||||
|
||||
[0x8780] = "CAPI_RESET_B3_REQ",
|
||||
[0x8781] = "CAPI_RESET_B3_CONF",
|
||||
[0x8782] = "CAPI_RESET_B3_IND",
|
||||
[0x8783] = "CAPI_RESET_B3_RESP",
|
||||
|
||||
[0x8882] = "CAPI_CONNECT_B3_T90_ACTIVE_IND",
|
||||
[0x8883] = "CAPI_CONNECT_B3_T90_ACTIVE_RESP",
|
||||
|
||||
[0x0880] = "CAPI_INFO_REQ",
|
||||
[0x0881] = "CAPI_INFO_CONF",
|
||||
[0x0882] = "CAPI_INFO_IND",
|
||||
[0x0883] = "CAPI_INFO_RESP",
|
||||
|
||||
[0x4180] = "CAPI_SELECT_B_PROTOCOL_REQ",
|
||||
[0x4181] = "CAPI_SELECT_B_PROTOCOL_CONF",
|
||||
}
|
||||
|
||||
|
||||
local f_msg_len = ProtoField.uint16("rcapi.msg_len", "Message Length", base.DEC)
|
||||
local f_capi_len = ProtoField.uint16("rcapi.capi_len", "CAPI Message Length")
|
||||
local f_command_id = ProtoField.uint16("rcapi.command_id", "Command ID", base.HEX_DEC, command_ids)
|
||||
|
||||
rcapi_protocol.fields = {
|
||||
f_msg_len, f_capi_len, f_command_id,
|
||||
}
|
||||
|
||||
local function rcapi_dissect_pdu(buffer, pinfo, tree)
|
||||
length = buffer:len()
|
||||
if length == 0 then return end
|
||||
|
||||
pinfo.cols.protocol = rcapi_protocol.name
|
||||
|
||||
local subtree = tree:add(rcapi_protocol, buffer(), "RCAPI Data")
|
||||
local command_id = buffer(6,2):uint()
|
||||
|
||||
subtree:add(f_msg_len, buffer(0,2))
|
||||
subtree:add_le(f_capi_len, buffer(2,2))
|
||||
subtree:add(f_command_id, command_id)
|
||||
|
||||
pinfo.cols.info = string.format("%s", command_ids[command_id])
|
||||
end
|
||||
|
||||
-- A Lua function that will be called for each PDU, to determine the
|
||||
-- full length of the PDU. The called function will be given (1) the Tvb
|
||||
-- object of the whole Tvb (possibly reassembled), (2) the Pinfo object,
|
||||
-- and (3) an offset number of the index of the first byte of the PDU
|
||||
-- (i.e., its first header byte). The Lua function must return a Lua
|
||||
-- number of the full length of the PDU.
|
||||
local function rcapi_get_len_func(tvb, pinfo, offset)
|
||||
return tvb:range(offset, 2):uint()
|
||||
end
|
||||
|
||||
function rcapi_protocol.dissector(tvb, pinfo, tree)
|
||||
dissect_tcp_pdus(tvb, tree, 12, rcapi_get_len_func, rcapi_dissect_pdu)
|
||||
return tvb:len()
|
||||
end
|
||||
|
||||
function rcapi_protocol.init()
|
||||
DissectorTable.get("tcp.port"):add(2662, rcapi_protocol)
|
||||
end
|
||||
Loading…
Reference in New Issue