Wireshark-dev: [Wireshark-dev] Generic Plugin
From: Sachin Gupta <sachgupta@xxxxxxxxx>
Date: Sun, 31 May 2009 00:19:13 +0530
Hi,
Please tell me how I can contribute it to Wireshark?
I hope nothing like this already exists.
regards
Sachin
---------- Forwarded message ----------
From: Sachin Gupta <sachgupta@xxxxxxxxx>
Date: Thu, May 28, 2009 at 6:23 PM
Subject: Generic Plugin
To: guy@xxxxxxxxxxxx
Hi,
This generic plugin is at a very nascent stage compared to wsgd.
The key idea behind this is simplicity. This plugin provides a very
easy XML interface to define the packet structure. This plugin presently
supports protocol formats with fixed fields, optional lengths, optional
fields, array fields, filters etc.
Some of the features available are -
1) A standardized XML interface to define packet format.
2) Allows new packet formats to be added without recompilation.
3) Supports all default type fields - uint32, uint16, uint24, uint6, bytes, bit, structs.
4) Supports complex fields like fields inside fields.
5) Supports dynamic size fields in the message.
6) Supports optional fields in the message.
7) Supports Type-Length-Value, Length-Value and Name-Value fields.
8) Supports bit fields up to 64 bits.
9) Supports setting filters in Wireshark messages.
10) Registers with UDP port at runtime.
11) Supports TLV inside TLV.
1) Enum names for values.
2) It presently supports only big endian format; little endian support is trivial to add.
3) It presently works on Linux only; it can be ported to Windows too.
Please see below example implementation -
Example 1-
<?xml version="1.0" encoding="utf-8"?>
<message name="ATTACH_ACCEPT" proto="EPS">
  <type name="comp_field">
    <field name="FD1" type="uint32"/>
    <field name="FD2" type="bytes" array_length="6"/>
  </type>
  <type name="comp_unord" desc="unordered" nametype="uint8">
    <field name="complex1" value="3" type="bytes" array_length="2"/>
    <field name="complex2" value="13" type="uint8"/>
    <field name="complex3" value="37" type="uint16"/>
  </type>
  <type name="comp_field_type">
    <field name="FD1" type="uint32"/>
    <field name="FD2" type="comp_unord"/>
    <field name="FD3" type="uint8" array_length="end"/>
  </type>
  <type name="optional_fields" desc="unordered" nametype="uint8">
    <field name="complex field1" value="5" type="bytes" array_length="6"/>
    <field name="complex field2" value="1" type="comp_field_type" type_length="8"/>
    <field name="complex field3" value="37" type="uint16" type_length="Length"/>
  </type>
  <body>
    <field name="Bit_Field1" type="bits" array_length="2"/>
    <field name="Bit_Field2" type="bits" array_length="3"/>
    <field name="Bit_Field3" type="bits" array_length="5"/>
    <field name="Field3" type="uint8"/>
    <field name="Length" type="uint8"/>
    <field name="field4" type="optional_fields" type_length="Length"/>
    <field name="Bit_Field2" type="bits" array_length="14"/>
    <field name="Bit_Field3" type="bits" array_length="16"/>
    <field name="Bit_Field4" type="bits" array_length="10"/>
    <field name="length_2" type="uint8"/>
    <field name="array_field" type="uint32" array_length="length_2"/>
    <field name="Correct Value" type="desc" option_field="Bit_Field2" option_value="5"/>
    <field name="Test Field" type="bytes" array_length="5" option_field="Bit_Field2" option_value="&lt;20"/>
    <field name="field2" type="bytes" array_length="5"/>
    <field name="Complex Field" type="comp_field" array_length="end"/>
  </body>
</message>
Looking for reply.
thanks & regards
Sachin
Attachment:
snap3.JPG
Description: JPEG image
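
An added example, not part of the original post and not the plugin's own code: a minimal Python interpreter for a subset of the definition format shown above (`bits`, `bytes`, `uintN`, and `array_length` given as a number, an earlier field name, or `end`). It decodes big-endian and checks bounds before every read, so a length field taken from the packet cannot drive a read past the captured data. The attribute semantics are inferred from the post's example and are assumptions; `DEFINITION`, `SAMPLE`, `dissect` and `Truncated` are hypothetical names.

```python
import xml.etree.ElementTree as ET

# Constructed definition using a subset of the attributes shown in the post.
DEFINITION = """<message name="DEMO" proto="EXAMPLE"><body>
  <field name="Flags" type="bits" array_length="3"/>
  <field name="Spare" type="bits" array_length="5"/>
  <field name="Count" type="uint8"/>
  <field name="Items" type="uint16" array_length="Count"/>
  <field name="Trailer" type="bytes" array_length="end"/>
</body></message>"""
# Constructed packet: Flags=5, Spare=0, Count=2, Items=[1, 2], Trailer=aa bb.
SAMPLE = bytes([0b10100000, 2, 0x00, 0x01, 0x00, 0x02, 0xAA, 0xBB])
UNIT_BITS = {"bits": 1, "bytes": 8, "uint8": 8, "uint16": 16, "uint24": 24, "uint32": 32}

class Truncated(ValueError):
    """A field needs more data than the packet still holds."""

def dissect(definition, packet):
    """Decode packet (bytes) big-endian according to the <body> field list."""
    total, pos, out = len(packet) * 8, 0, {}  # pos is a bit offset
    whole = int.from_bytes(packet, "big")
    def take(nbits, name):
        nonlocal pos
        if pos + nbits > total:  # check before the read, never after
            raise Truncated(f"{name}: needs {nbits} bits, {total - pos} left")
        pos += nbits
        return (whole >> (total - pos)) & ((1 << nbits) - 1)
    for f in ET.fromstring(definition).find("body"):
        name, ftype, alen = f.get("name"), f.get("type"), f.get("array_length")
        unit = UNIT_BITS.get(ftype)
        if unit is None:
            raise ValueError(f"{name}: unsupported type {ftype!r}")
        if alen is None:
            n = 1  # assumption: no array_length means a single element
        elif alen == "end":
            n = (total - pos) // unit  # whatever is left in the packet
        elif alen.isdigit():
            n = int(alen)
        elif isinstance(out.get(alen), int):
            n = out[alen]  # count comes from the packet itself: untrusted
        else:
            raise ValueError(f"{name}: unknown length reference {alen!r}")
        if ftype == "bits":
            out[name] = take(n, name)
        elif ftype == "bytes":
            out[name] = take(n * 8, name).to_bytes(n, "big")
        else:  # a hostile count fails at the first element that is missing
            vals = [take(unit, name) for _ in range(n)]
            out[name] = vals[0] if alen is None else vals
    return out
```

`dissect(DEFINITION, SAMPLE)` returns the decoded fields as a dict; a packet whose `Count` byte claims more items than are present raises `Truncated` instead of reading past the buffer.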