Add wireshark dissector for native packets

2025-01-18 12:52:44 +01:00 · 2014-02-08 18:45:30 +01:00 · 2014-02-08 18:45:30 +01:00 · 8336c8ed14
commit 8336c8ed14
parent 7ccf0e0858
2 changed files with 86 additions and 0 deletions
--- a/dist/tools/wireshark_dissector/README.md
+++ b/dist/tools/wireshark_dissector/README.md
@ -0,0 +1,25 @@
 # RIOT native wireshark dissector
 This allows wireshark to parse packets send over TAP by RIOT's native.
 ## Installation
 Just copy the script ``riot.lua`` to ``$HOME/.wireshark/plugins`` and restart
 Wireshark.
 ## Usage
 ### Debian/Ubuntu
 Ensure that dumpcat is available for you as non-superusers:
 ```bash
 sudo dpkg-reconfigure wireshark-common
 sudo usermod -a -G wireshark $USER
 ```
 ## Configuration
 Depending on what you want to send over the native TAP you might want to change
 the next header dissector. Currently we have included the dissectors for 
 IEEE 802.15.4 and 6LoWPAN into the script file, but anything is thinkable.
 Refer to the wireshark manual to get the protocol names, e.g.:
 ```lua
    local next_dis = Dissector.get("ipv6")
 ```
--- a/dist/tools/wireshark_dissector/riot.lua
+++ b/dist/tools/wireshark_dissector/riot.lua
@ -0,0 +1,61 @@
 -- RIOT native support for Wireshark
 -- A Lua implementation for dissection of RIOT native packets in wireshark
 -- @Version: 0.0.1
 -- @Author: Martin Lenders
 -- @E-Mail: mlenders@inf.fu-berlin.de
 do
    --Protocol name "RIOT"
    local p_riot = Proto("RIOT", "RIOT native packet")
    --Protocol Fields
    local f_length = ProtoField.uint16("RIOT.length", "Length", base.DEC, nil)
    local f_dst = ProtoField.uint16("RIOT.dst", "Destination", base.DEC, nil)
    local f_src = ProtoField.uint16("RIOT.src", "Source", base.DEC, nil)
    p_riot.fields = { f_length, f_dst, f_src }
    local data_dis = Dissector.get("data")
    -- local next_dis = Dissector.get("6lowpan")   -- for 6LoWPAN
    local next_dis = Dissector.get("wpan")      -- for IEEE 802.15.4
    function riot_dissector(buf, pkt, root)
        local buf_len = buf:len()
        local riot_tree = root:add(p_riot, buf)
        if buf_len < 6 then return false end
        local packet_len = buf(0,2):uint()
        local dst = buf(2,2):uint()
        local src = buf(4,2):uint()
        if buf_len - 6 ~= packet_len then return false end
        riot_tree:append_text(", Dst: ")
        riot_tree:append_text(dst)
        riot_tree:append_text(", Src: ")
        riot_tree:append_text(src)
        riot_tree:append_text(", Length: ")
        riot_tree:append_text(packet_len)
        riot_tree:add(f_length, buf(0, 2))
        riot_tree:add(f_dst, buf(2, 2))
        riot_tree:add(f_src, buf(4, 2))
        next_dis:call(buf(6, packet_len):tvb(),pkt,root) 
        return true        
    end
    function p_riot.dissector(buf, pkt, root)
        if not riot_dissector(buf, pkt, root) then
            data_dis:call(buf, pkt, root)
        end
    end
    local eth_encap_table = DissectorTable.get("ethertype")
    --handle ethernet type 0x1234
    eth_encap_table:add(0x1234, p_riot)
 end