分类: 系统运维
2010-06-23 20:27:30
|
do
--Ucp1解析 local p_ucp1 = Proto("Ucp1","User Customizing protocol1") local f_version = ProtoField.bytes("Ucp1.version","Version") local f_code = ProtoField.bytes("Ucp1.code","Code") local f_reserve = ProtoField.bytes("Ucp1.reserve","Reserve") local f_protocol = ProtoField.uint8("Ucp1.protocol","Protocol",base.HEX,{ [0] = "Ucp0", [1] = "Ucp2"}) local f_id1 = ProtoField.uint16("Ucp1.id1","ID1") local f_id2 = ProtoField.uint16("Ucp1.id2","ID2") local f_options = ProtoField.uint16("Ucp1.options","Options") local f_length = ProtoField.uint16("Ucp1.length","Length") p_ucp1.fields = { f_version, f_code, f_reserve, f_protocol, f_id1, f_id2, f_options, f_length} --Ucp2解析
local p_ucp2 = Proto("Ucp2","User Customizing protocol2") local f_msg_type = ProtoField.bytes("Ucp2.msg_type","Message Type") local f_send_no = ProtoField.uint8("Ucp2.send_no","Send Number") local f_ucp2_length = ProtoField.uint16("Ucp2.length","Length") p_ucp2.fields = { f_msg_type, f_send_no, f_ucp2_length} --PPP解析
local p_ppp = Proto("PPP-u","Point to point protocol") local f_ppp_protocol = ProtoField.uint16("ppp-u.protocol","Protocol Type",base.HEX,{ [33] = "IP"}) p_ppp.fields = { f_ppp_protocol} local data_dis = Dissector.get("data")
--Ucp1詳細解析method
local function Ucp1_dissector(buf,pkt,root) local buf_len = buf:len(); if buf_len < 12 then return false end local v_version = buf(0,1) local v_code = buf(1,1) local v_reserve = buf(2,1) local v_protocol = buf(3,1) local v_id1 = buf(4,2) local v_id2 = buf(6,2) local v_options = buf(8,2) local v_length = buf(10,2) local t = root:add(p_ucp1,buf(0, buf_len)) pkt.cols.protocol = "Ucp1" pkt.cols.info = "user customizing protocol 1" t:add(f_version,v_version) t:add(f_code,v_code) t:add(f_reserve,v_reserve) t:add(f_protocol,v_protocol) t:add(f_id1,v_id1) t:add(f_id2,v_id2) t:add(f_options,v_options) t:add(f_length,v_length) return true
end --Ucp2詳細解析method
local function Ucp2_dissector(buf,pkt,root) local buf_len = buf:len(); if buf_len < 20 then return false end local v_msg_type = buf(0,1)
local v_send_no = buf(1,1) local v_ucp2_length = buf(2,2) local s = root:add(p_ucp2,buf(0, buf_len))
pkt.cols.protocol = "Ucp2" pkt.cols.info = "user customizing protocol 2 (- v -)" s:add(f_msg_type,v_msg_type) s:add(f_send_no,v_send_no) s:add(f_ucp2_length,v_ucp2_length) return true end --P2P詳細解析method
local function PPP_dissector(buf,pkt,root) local buf_len = buf:len(); if buf_len < 18 then return false end local v_ppp_protocol = buf(16,2)
local s = root:add(p_ppp,buf(16,2))
pkt.cols.protocol = "point to point protocol" pkt.cols.info = "point to point protocol" s:add(f_ppp_protocol,v_ppp_protocol) return true end --Ucp1解析 function p_ucp1.dissector(buf,pkt,root) if Ucp1_dissector(buf,pkt,root) then ucp2_buf = buf(12, buf:len()-12):tvb() if Ucp2_dissector(ucp2_buf,pkt,root) then PPP_dissector(buf,pkt,root) ip_dissector = Dissector.get("ip") sub_buf = buf(18, buf:len()-34):tvb() ip_dissector:call( sub_buf, pkt, root ) else data_dis:call(buf,pkt,root) end --DissectorTable.new("Ucp1.protocol", [1], [type], [base]) --valid UCP1 diagram else data_dis:call(buf,pkt,root) end end local udp_encap_table = DissectorTable.get("udp.port") udp_encap_table:add(40001,p_ucp1) end |
