1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
-- Wireshark plugin
-- Use following filter: _ws.col.protocol == "SOLEC"
solec = Proto("SOLEC", "SOLEC Protocol")
s_datatype = ProtoField.uint8("solec.datatype", "Datatype", base.HEX, {
[0x01] = "handshake",
[0x02] = "ping",
[0x03] = "pong",
[0x04] = "message",
[0xFF] = "test",
})
s_handshake_version = ProtoField.uint8("solec.handshake.version", "Protocol version", base.HEX)
s_pong_timestamp = ProtoField.uint64("solec.pong.timestamp", "Timestamp", base.DEC)
solec.fields = { s_datatype, s_handshake_version, s_pong_timestamp }
function solec.dissector(buffer, pinfo, tree)
length = buffer:len()
if length == 0 then
return
end
pinfo.cols.protocol = solec.name
local subtree = tree:add(solec, buffer(), "SOLEC Protocol Data")
local dtype = buffer(0,1):uint()
subtree:add_le(s_datatype, dtype)
if dtype == 01 then
local subtree = tree:add(solec, buffer(), "Handshake")
subtree:add_le(s_handshake_version, buffer(1, 1):uint())
elseif dtype == 0x03 then
local subtree = tree:add(solec, buffer(), "Pong")
local timestamp = buffer(1, 8):uint64()
subtree:add(s_pong_timestamp, timestamp):append_text(" (" .. os.date('%Y/%m/%d %X', tonumber(timestamp)) .. ")")
end
end
local tcp_port = DissectorTable.get("tcp.port")
tcp_port:add(9999, solec)
|
