@ichramm
Created October 10, 2020 13:21

Revisions

  1. ichramm created this gist Oct 10, 2020.
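--- a/dissector.cpp
+++ b/dissector.cpp
@@ -0,0 +1,100 @@
+/*!
+* \file wireshark_dissector.cpp
+* \author ichramm
+*
+* \date 2020-09-08
+*/
+
+#include <iostream>
+
+#include "config.h"
+#include <epan/packet.h>
+#include <glib-2.0/glib/gtypes.h>
+
+
+//#include "edn.hpp"
+
+
+#define PROTO_PORT 43210
+
+static int proto_prismade = -1;
+static int hf_prismade_pdu_size = -1;
+static int hf_prismade_pdu_data = -1;
+static gint ett_prismade = -1;
+
+int plugin_version = 0x010001;
+int plugin_want_major = 3;
+int plugin_want_minor = 2;
+
+
+void proto_register_prismade(void) {
+static hf_register_info hf[] = {
+{ &hf_prismade_pdu_size,
+{ "Length", "prisma.de.length",
+FT_UINT32, BASE_DEC,
+NULL, 0x0,
+NULL, HFILL
+}
+},
+{ &hf_prismade_pdu_data,
+{ "Data", "prisma.de.data",
+FT_STRING, BASE_NONE,
+NULL,
+0x0,
+NULL, HFILL
+}
+}
+};
+
+/* Setup protocol subtree array */
+static gint *ett[] = {
+&ett_prismade
+};
+
+proto_prismade = proto_register_protocol (
+"PrismaDE Protocol", /* name */
+"PrismaDE", /* short_name */
+"prismade" /* filter_name */
+);
+
+proto_register_field_array(proto_prismade, hf, array_length(hf));
+proto_register_subtree_array(ett, array_length(ett));
+}
+
+static int dissect_prismade(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, void *data _U_) {
+gint offset = 0;
+
+col_set_str(pinfo->cinfo, COL_PROTOCOL, "PrismaDE");
+
+/* Clear the info column */
+col_clear(pinfo->cinfo, COL_INFO);
+
+proto_item *ti = proto_tree_add_item(tree, proto_prismade, tvb, 0, -1, ENC_NA);
+proto_tree *prismade_tree = proto_item_add_subtree(ti, ett_prismade);
+proto_tree_add_item(prismade_tree, hf_prismade_pdu_size, tvb, offset, 4, ENC_BIG_ENDIAN);
+
+
+offset += 4;
+
+// TODO: Parse and show sub-sub tree
+proto_tree_add_item(prismade_tree, hf_prismade_pdu_data, tvb, offset, tvb_ensure_captured_length_remaining(tvb, offset), ENC_NA);
+
+return tvb_captured_length(tvb);
+}
+
+void proto_reg_handoff_prismade(void) {
+static dissector_handle_t prismade_handle;
+
+prismade_handle = create_dissector_handle(dissect_prismade, proto_prismade);
+dissector_add_uint("tcp.port", PROTO_PORT, prismade_handle);
+}
+
+
+extern "C" void plugin_register(void) {
+static proto_plugin plugin_foo;
+
+plugin_foo.register_protoinfo = proto_register_prismade;
+plugin_foo.register_handoff = proto_reg_handoff_prismade;
+proto_register_plugin(&plugin_foo);
+}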
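Review bot: `dissect_prismade` adds the 4-byte `Length` field to the tree but never reads it, so every TCP segment on port 43210 is shown as exactly one PDU. A PDU split across segments, or several PDUs coalesced into one segment, will be mislabelled, and `Data` will cover whatever bytes happen to be in that segment. Because the handle is registered on `tcp.port`, I would give framing to `tcp_dissect_pdus()` (declared in `epan/dissectors/packet-tcp.h`) with a length callback, and keep the current body as the per-PDU dissector. The callback below assumes the field counts payload bytes only, which the page does not state; the value is untrusted capture data, so also decide how lengths near the 32-bit maximum are handled, since adding the header size can wrap. Separately, `tree` is marked `_U_` in the signature although the body uses it.

```cpp
// Total size of one PDU: 4-byte big-endian length field plus the payload it declares.
// Assumes the field excludes the header itself (confirm against the protocol).
static guint get_prismade_pdu_len(packet_info *pinfo _U_, tvbuff_t *tvb, int offset, void *data _U_) {
    return tvb_get_ntohl(tvb, offset) + 4;
}

// … unchanged: current dissect_prismade body, renamed dissect_prismade_pdu …

static int dissect_prismade(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) {
    // Let the TCP layer reassemble split PDUs and separate coalesced ones.
    tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 4, get_prismade_pdu_len, dissect_prismade_pdu, data);
    return tvb_reported_length(tvb);
}
```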