From 8336c8ed14663b8500f8cc87ab83d1e0272d4e24 Mon Sep 17 00:00:00 2001
From: Martin Lenders <mlenders@inf.fu-berlin.de>
Date: Sat, 8 Feb 2014 18:45:30 +0100
Subject: [PATCH] Add wireshark dissector for native packets

---
 dist/tools/wireshark_dissector/README.md | 25 ++++++++++
 dist/tools/wireshark_dissector/riot.lua  | 61 ++++++++++++++++++++++++
 2 files changed, 86 insertions(+)
 create mode 100644 dist/tools/wireshark_dissector/README.md
 create mode 100644 dist/tools/wireshark_dissector/riot.lua

diff --git a/dist/tools/wireshark_dissector/README.md b/dist/tools/wireshark_dissector/README.md
new file mode 100644
index 0000000000..e8b30b995f
--- /dev/null
+++ b/dist/tools/wireshark_dissector/README.md
@@ -0,0 +1,25 @@
+# RIOT native wireshark dissector
+This allows wireshark to parse packets send over TAP by RIOT's native.
+
+## Installation
+Just copy the script ``riot.lua`` to ``$HOME/.wireshark/plugins`` and restart
+Wireshark.
+
+## Usage
+### Debian/Ubuntu
+Ensure that dumpcat is available for you as non-superusers:
+
+```bash
+sudo dpkg-reconfigure wireshark-common
+sudo usermod -a -G wireshark $USER
+```
+
+## Configuration
+Depending on what you want to send over the native TAP you might want to change
+the next header dissector. Currently we have included the dissectors for 
+IEEE 802.15.4 and 6LoWPAN into the script file, but anything is thinkable.
+Refer to the wireshark manual to get the protocol names, e.g.:
+
+```lua
+    local next_dis = Dissector.get("ipv6")
+```
diff --git a/dist/tools/wireshark_dissector/riot.lua b/dist/tools/wireshark_dissector/riot.lua
new file mode 100644
index 0000000000..53d687844c
--- /dev/null
+++ b/dist/tools/wireshark_dissector/riot.lua
@@ -0,0 +1,61 @@
+-- RIOT native support for Wireshark
+-- A Lua implementation for dissection of RIOT native packets in wireshark
+-- @Version: 0.0.1
+-- @Author: Martin Lenders
+-- @E-Mail: mlenders@inf.fu-berlin.de
+
+do
+    --Protocol name "RIOT"
+    local p_riot = Proto("RIOT", "RIOT native packet")
+
+    --Protocol Fields
+    local f_length = ProtoField.uint16("RIOT.length", "Length", base.DEC, nil)
+    local f_dst = ProtoField.uint16("RIOT.dst", "Destination", base.DEC, nil)
+    local f_src = ProtoField.uint16("RIOT.src", "Source", base.DEC, nil)
+    
+    p_riot.fields = { f_length, f_dst, f_src }
+
+    local data_dis = Dissector.get("data")
+    -- local next_dis = Dissector.get("6lowpan")   -- for 6LoWPAN
+    local next_dis = Dissector.get("wpan")      -- for IEEE 802.15.4
+
+    function riot_dissector(buf, pkt, root)
+        local buf_len = buf:len()
+        local riot_tree = root:add(p_riot, buf)
+        
+        if buf_len < 6 then return false end
+
+        local packet_len = buf(0,2):uint()
+        local dst = buf(2,2):uint()
+        local src = buf(4,2):uint()
+
+        if buf_len - 6 ~= packet_len then return false end
+
+        riot_tree:append_text(", Dst: ")
+        riot_tree:append_text(dst)
+        riot_tree:append_text(", Src: ")
+        riot_tree:append_text(src)
+        riot_tree:append_text(", Length: ")
+        riot_tree:append_text(packet_len)
+
+        riot_tree:add(f_length, buf(0, 2))
+        riot_tree:add(f_dst, buf(2, 2))
+        riot_tree:add(f_src, buf(4, 2))
+        
+        next_dis:call(buf(6, packet_len):tvb(),pkt,root) 
+
+        return true        
+    end
+
+    function p_riot.dissector(buf, pkt, root)
+        if not riot_dissector(buf, pkt, root) then
+            data_dis:call(buf, pkt, root)
+        end
+    end
+
+    local eth_encap_table = DissectorTable.get("ethertype")
+
+    --handle ethernet type 0x1234
+    
+    eth_encap_table:add(0x1234, p_riot)
+end
-- 
GitLab