Split TTTTT

tagnames = {} --array with key as tag (1001) and vaue is tag name
(PARAM_SUBMISSION_ID)
descriptions = {}
datatypes = {}
sizes = {}
parsedvalue = {}
function get_config (conf_file_name)

-- Open a file for read an test that it worked
fh,err = io.open(conf_file_name)
if err then return err; end -- Failed
-- line by line
local tagname
local lines_count = 0;
while true do
line = fh:read()
if line == nil and lines_count == 0 then fh:close() return 1 end --
Failed
if line == nil then fh:close() break end
lines_count = lines_count + 1;
words = string.gmatch(line, '([^,]+)')
i = 0
for word in words do
if (i == 0) then
--tagname = tostring(tonumber (word, 16))
tagname = word
end
if (i == 1) then
tagnames[tagname] = word
end
if (i == 2) then
descriptions[tagname] = word
end
if (i == 3) then
datatypes[tagname] = word
end
--[[ if (i == 4) then
sizes[tagname] = word
i = 0 break
end--]]
i= i+1
end
end
return 0 --Success
end
-- Create a new dissector

MYPROTO = Proto ("myproto", "My Simple Proto \n ----tlvHEAD---- ")
-- The dissector function
-- Create the pdu fields
local f = MYPROTO.fields
local formats = { "Hex", "Decimal", [10] = "Special"}
f.Tlv_Len = ProtoField.uint32 ("myproto.Tlv_Len", "TLV_LEN")
f.pdu_size = ProtoField.uint32 ("myproto.pdu_size", "PDU Size")
f.cmd_id = ProtoField.uint32 ("myproto.cmd_id", "Commad_ID")
f.status = ProtoField.uint32 ("myproto.status", "Status")
f.sequence = ProtoField.uint32 ("myproto.sequence", "Sequence")
f.tag = ProtoField.bytes ("myproto.tag","Tag")
f.length = ProtoField.uint32 ("myproto.length","Length")
f.value = ProtoField.bytes ("myproto.value","Value")
f.packet_dump = ProtoField.bytes ("myproto.value","Packet dump")
f.packet = ProtoField.bytes ("myproto.value","Pdu")
f.tagnames = ProtoField.string ("myproto.tagnames","Tag name")
f.descriptions = ProtoField.string ("myproto.descriptions", "Description")
f.datatypes = ProtoField.string ("myproto.datatypes", "Data type")
f.parsedvalueuint64 = ProtoField.uint64 ("myproto.parsedvalueuint64",
"ParsedValue")
f.parsedvaluestring = ProtoField.string ("myproto.parsedvaluestring",
"ParsedValue")
f.parsedvalueuint8 = ProtoField.uint8 ("myproto.parsedvalueuint8", "ParsedValue")
f.parsedvalueuint32 = ProtoField.uint32 ("myproto.parsedvalueuint32",
"ParsedValue")
f.error = ProtoField.string ("myproto.error"," data")
-- f.sizes = ProtoField.string ("myproto.sizes", "Size")

f.tlvbody = ProtoField.uint8 ("myproto.tlvbody","----TlvBody----")
-- A initialization routine
local packet_counter
function MYPROTO.init ()
packet_counter = 0
status = get_config ("C:\\Program Files\\Wireshark\\plugins\\tags.conf")
end
-- The dissector function
function MYPROTO.dissector (buffer, pinfo, tree)
-- Adding fields to the tree
local subtree = tree:add (MYPROTO, buffer())
local offset = 0
pdu_len = buffer:len()
subtree:add (f.packet, buffer(0,pdu_len))
if (pdu_len < 16) then
subtree:add (f.error, "PDU too small. PDU length = 0x"..tonumber(pdu_len,
16).." bytes")
subtree:add (f.packet_dump, buffer(0,pdu_len))
return
end
subtree:add (f.pdu_size, pdu_len)

local Tlv_Len = buffer (offset, 4)
if (pdu_len ~= Tlv_Len:uint()) then

subtree:add (f.error, "TLV length is bigger than the payload.".." Payload =
"..pdu_len..", TLV length = "..tonumber(tostring(Tlv_Len), 16))
return
end
subtree:add (f.Tlv_Len, Tlv_Len)
-- subtree:append_text (", TLV_LEN: " .. Tlv_Len:uint())
offset = offset + 4
local cmd_id = buffer (offset, 4)
subtree:add (f.cmd_id, cmd_id)
offset = offset + 4
local status = buffer (offset, 4)
subtree:add (f.status, status)
offset = offset + 4
local sequence = buffer (offset, 4)
subtree:add (f.sequence, sequence)
offset = offset + 4
n=1
if (offset == Tlv_Len:uint()) then
subtree:add (f.error, "TLS body is empty")
return
end
while (offset < Tlv_Len:uint())

do
-- TLV must be at least 6 bytes
if (Tlv_Len:uint() < (offset + 6)) then
subtree:add (f.error, "TLS body is too small to decode")
return
end
subtree:add(f.tlvbody,n)
n = n+1
tag = buffer(offset, 2)
subtree:add (f.tag,tag)
offset = offset + 2
local length = buffer (offset, 4)
subtree:add (f.length, length)
length = length:uint()
offset = offset + 4
-- TLV length must be less than remaining bytes in the PDU
if ((pdu_len - offset) < length) then
subtree:add (f.error, "TLV length is too big "..pdu_len - offset.."
"..offset.." "..length)
return
end
value = buffer(offset, length)
subtree:add (f.value,value)
offset = offset + length

subtree:add (f.tagnames, tagnames ["0x"..tag])
subtree:add (f.descriptions, descriptions["0x"..tag])
subtree:add (f.datatypes, datatypes["0x"..tag])
-- local tt= tostring(value)
if (datatypes["0x"..tag] == "TLV_TYPE_INT_SIZE_1")
then
subtree:add (f.parsedvalueuint8, value)
end
then
end
if (datatypes["0x"..tag] == "TLV_TYPE_C_OCTSTR")
then
subtree:add (f.parsedvaluestring, value)
end
then
end
-- subtree:add (f.sizes, sizes["0x"..tag])

end
end
-- Register the dissector

local tcp_table = DissectorTable.get ("tcp.port")
tcp_table:add (8080, MYPROTO)
-- Create a new postdissector
MYPOST = Proto ("mypost", "My Post Dissector")
function MYPOST.dissector (buffer, pinfo, tree)
end
register_postdissector (MYPOST)

Split TTTTT

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Split TTTTT

Încărcat de

Drepturi de autor:

Formate disponibile

tagnames = {} --array with key as tag (1001) and vaue is tag name

function get_config (conf_file_name)

-- Create a new dissector

-- f.sizes = ProtoField.string ("myproto.sizes", "Size")

subtree:add (f.pdu_size, pdu_len)

if (pdu_len ~= Tlv_Len:uint()) then

while (offset < Tlv_Len:uint())

offset = offset + length

-- subtree:add (f.sizes, sizes["0x"..tag])

-- Register the dissector

function MYPOST.dissector (buffer, pinfo, tree)

S-ar putea să vă placă și