| author | bt <bt@rctt.net> | 2026-03-08 21:26:43 +0100 |
|---|---|---|
| committer | bt <bt@rctt.net> | 2026-03-08 21:26:43 +0100 |
| commit | cfcb226d3834c00414f4aa57b8f94060b45bb072 (patch) | |
| tree | f9947c658828a0b56feada62d28bfe720d6ce65f | |
| parent | e3378f4bc4f89307249cc5d4bd97a5a5e5630cdf (diff) | |
| download | solec-cfcb226d3834c00414f4aa57b8f94060b45bb072.tar.gz solec-cfcb226d3834c00414f4aa57b8f94060b45bb072.zip | |
Add Wireshark plugin
| -rw-r--r-- | solec.lua | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/solec.lua b/solec.lua
new file mode 100644
index 0000000..a367358
--- /dev/null
+++ b/solec.lua
@@ -0,0 +1,43 @@
+-- Wireshark plugin
+-- Use following filter: _ws.col.protocol == "SOLEC"
+
+solec = Proto("SOLEC", "SOLEC Protocol")
+
+s_datatype = ProtoField.uint8("solec.datatype", "Datatype", base.HEX, {
+ [0x01] = "handshake",
+ [0x02] = "ping",
+ [0x03] = "pong",
+ [0x04] = "message",
+ [0xFF] = "test",
+})
+
+s_handshake_version = ProtoField.uint8("solec.handshake.version", "Protocol version", base.HEX)
+s_pong_timestamp = ProtoField.uint64("solec.pong.timestamp", "Timestamp", base.DEC)
+
+solec.fields = { s_datatype, s_handshake_version, s_pong_timestamp }
+
+function solec.dissector(buffer, pinfo, tree)
+ length = buffer:len()
+ if length == 0 then
+ return
+ end
+
+ pinfo.cols.protocol = solec.name
+
+ local subtree = tree:add(solec, buffer(), "SOLEC Protocol Data")
+ local dtype = buffer(0,1):uint()
+
+ subtree:add_le(s_datatype, dtype)
+
+ if dtype == 01 then
+ local subtree = tree:add(solec, buffer(), "Handshake")
+ subtree:add_le(s_handshake_version, buffer(1, 1):uint())
+ elseif dtype == 0x03 then
+ local subtree = tree:add(solec, buffer(), "Pong")
+ local timestamp = buffer(1, 8):uint64()
+ subtree:add(s_pong_timestamp, timestamp):append_text(" (" .. os.date('%Y/%m/%d %X', tonumber(timestamp)) .. ")")
+ end
+end
+
+local tcp_port = DissectorTable.get("tcp.port")
+tcp_port:add(9999, solec) |
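Review bot: `solec.dissector` only rejects an empty buffer, so the `buffer(1, 1)` read in the handshake branch and the `buffer(1, 8)` read in the pong branch run on whatever length the peer sent; a segment shorter than 2 or 9 bytes makes the range call raise a Lua error for that packet instead of being dissected as truncated. Guard each branch before reading, e.g. `if length < 2 then return end` and `if length < 9 then return end`, and note that over TCP one message may span segments or share a segment with another, which this code does not reassemble. `length` is assigned without `local`, so it lands in the global environment shared with other Lua plugins; `local length = buffer:len()` avoids that. `tonumber(timestamp)` is applied to a UInt64 userdata and probably returns nil, in which case `os.date` would print the current time rather than the packet's timestamp; `timestamp:tonumber()` looks like the intended call, to be confirmed against the Wireshark Lua API version in use.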
