用于 Wireshark 3.2 之前版本的辅助脚本:这些版本尚未内置 SOME/IP 协议解析。
-- SOME/IP protocol declaration and field registration.
--
-- Every name below except `tempstr` is assigned without `local`, so it is a
-- global of the Lua state this script is loaded into. The dissector and the
-- port registration further down look these names up as globals.

-- Not read anywhere in the visible script.
local tempstr

someip_proto = Proto("someip", "SOME/IP Protocol")

-- Fixed 16-byte SOME/IP header.
serviceId        = ProtoField.uint16("someip.service",     "Service Id",        base.HEX)
methodId         = ProtoField.uint16("someip.method",      "Method Id",         base.HEX)
length           = ProtoField.uint32("someip.length",      "Length",            base.DEC)
clientId         = ProtoField.uint16("someip.client",      "Client Id",         base.HEX)
sessionId        = ProtoField.uint16("someip.session",     "Session Id",        base.HEX)
protocolVersion  = ProtoField.uint8("someip.protocol",     "Protocol Version",  base.HEX)
interfaceVersion = ProtoField.uint8("someip.interface",    "Interface Version", base.HEX)
-- messageType and returnCode are registered, but the dissector renders those
-- two bytes as plain text items instead of using these fields.
messageType      = ProtoField.uint8("someip.messagetype",  "Message Type",      base.HEX)
returnCode       = ProtoField.uint8("someip.returncode",   "Return Code",       base.HEX)

-- Service-discovery (SD) payload.
entriesLength    = ProtoField.uint32("someip.entrieslength", "Length of Entries Array", base.DEC)
optionsLength    = ProtoField.uint32("someip.optionslength", "Length of Options Array", base.DEC)
-- NOTE(review): declared as uint32 although the dissector hands it a 2-byte range.
portNumber       = ProtoField.uint32("someip.portnumber",    "Port Number",             base.DEC)
ipv4             = ProtoField.new("IPv4-Address", "someip.ipv4", ftypes.IPv4)

-- Attach the fields to the protocol so the dissector can add them to the tree.
someip_proto.fields = {
  serviceId, methodId, length, clientId, sessionId,
  protocolVersion, interfaceVersion, messageType, returnCode,
  entriesLength, optionsLength, portNumber, ipv4,
}
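-- SOME/IP dissector entry point, with the private tables and helpers it uses.
--
-- Every offset and length read here comes from captured traffic and must be
-- treated as untrusted: a range is only created after checking that it lies
-- inside the captured bytes, so a short or inconsistent packet is flagged as
-- malformed instead of raising a Lua error in the middle of the tree.

-- Size of the fixed SOME/IP header read by the dissector.
local SOMEIP_HEADER_LEN = 16
-- Size of one SD entry, and of the single option layout this script labels.
local SD_ENTRY_LEN = 16
local SD_OPTION_LEN = 12

-- Display names for the message-type byte (header offset 14).
local SOMEIP_MESSAGE_TYPES = {
  [0x00] = "REQUEST",
  [0x01] = "REQUEST_NO_RETURN",
  [0x02] = "NOTIFICATION",
  [0x80] = "RESPONSE",
  [0x81] = "ERROR",
}

-- Display names for the return-code byte (header offset 15).
local SOMEIP_RETURN_CODES = {
  [0x00] = "E_OK",
  [0x01] = "E_NOT_OK",
  [0x02] = "E_UNKNOWN_SERVICE",
  [0x03] = "E_UNKNOWN_METHOD",
  [0x04] = "E_NOT_READY",
  -- Was "E_REACHABLE", which inverts the meaning of the code.
  [0x05] = "E_NOT_REACHABLE",
  [0x06] = "E_TIMEOUT",
  [0x07] = "E_WRONG_PROTOCOL_VERSION",
  [0x08] = "E_WRONG_INTERFACE_VERSION",
  [0x09] = "E_MALFORMED_MESSAGE",
  [0x0a] = "E_WRONG_MESSAGE_TYPE",
  [0x0b] = "E_E2E_REPEATED",
  [0x0c] = "E_E2E_WRONG_SEQUENCE",
  [0x0d] = "E_E2E",
  [0x0e] = "E_E2E_NOT_AVAILABLE",
  [0x0f] = "E_E2E_NO_NEW_DATA",
}

-- Display names for the type byte of an SD entry.
local SD_ENTRY_TYPES = {
  [0x00] = "Find Service",
  [0x01] = "Offer Service",
  [0x06] = "SubscribeEventgroup",
  [0x07] = "SubscribeEventgroupAck",
}

-- Display names for the type byte of an SD option.
local SD_OPTION_TYPES = {
  [0x01] = "Configuration",
  [0x04] = "IPv4 Endpoint",
  -- NOTE(review): the original maps 0x05 to the same label as 0x04; confirm
  -- against the SD specification before relying on it.
  [0x05] = "IPv4 Endpoint",
  [0x06] = "IPv6 Endpoint",
  [0x14] = "IPv4 Multicast",
  [0x16] = "IPv6 Multicast",
  [0x24] = "IPv4 SD Endpoint",
  [0x26] = "IPv6 SD Endpoint",
}

-- True when `len` bytes starting at `offset` lie inside the captured data.
local function someip_in_bounds(buffer, offset, len)
  return offset >= 0 and offset + len <= buffer:len()
end

-- Attach a "malformed" expert item naming the part that could not be read.
local function someip_flag_truncated(item, what)
  item:add_expert_info(PI_MALFORMED, PI_ERROR,
    "Truncated or inconsistent SOME/IP-SD message: " .. what)
end

-- Add the first SD entry (SD_ENTRY_LEN bytes at `off`) below `sd_tree`.
-- The caller has already verified that the whole entry is in bounds.
local function someip_add_sd_entry(buffer, sd_tree, off)
  local kind = buffer(off, 1):uint()
  local kind_name = SD_ENTRY_TYPES[kind] or "Unkown"
  local entry = sd_tree:add(buffer(off, SD_ENTRY_LEN), "1st Entry: ")

  entry:add(buffer(off, 1), "Type: " .. buffer(off, 1) .. "-" .. kind_name)
  entry:add(buffer(off + 1, 1), "Index 1st options: " .. buffer(off + 1, 1))
  entry:add(buffer(off + 2, 1), "Index 2nd options: " .. buffer(off + 2, 1))
  entry:add(buffer(off + 3, 1), "# of opt 1 + 2: " .. buffer(off + 3, 1))
  entry:add(buffer(off + 4, 2), "Service ID: " .. buffer(off + 4, 2))
  entry:add(buffer(off + 6, 2), "Instance ID: " .. buffer(off + 6, 2))
  entry:add(buffer(off + 8, 1), "Major Version: " .. buffer(off + 8, 1))
  entry:add(buffer(off + 9, 3), "TTL: " .. buffer(off + 9, 3))

  -- The last four bytes are either a minor version (service entries) or end
  -- in an eventgroup id (eventgroup entries); the two readings overlap, so
  -- only the one matching the entry type is shown. Unknown types keep both.
  local is_service = kind == 0x00 or kind == 0x01
  local is_eventgroup = kind == 0x06 or kind == 0x07
  if not is_eventgroup then
    entry:add(buffer(off + 12, 4), "Minor Version: " .. buffer(off + 12, 4))
  end
  if not is_service then
    entry:add(buffer(off + 14, 2), "EventGroup ID: " .. buffer(off + 14, 2))
  end
end

-- Add the first SD option (SD_OPTION_LEN bytes at `off`) below `sd_tree`.
-- The caller has already verified that the whole option is in bounds.
-- The byte layout is the one the original script assumes for every option
-- (length, type, IPv4 address, L4 protocol, port); options of another kind
-- are still labelled with these field names.
local function someip_add_sd_option(buffer, sd_tree, off)
  local option = sd_tree:add(buffer(off, SD_OPTION_LEN), "1st Option: ")
  local kind_name = SD_OPTION_TYPES[buffer(off + 2, 1):uint()] or "Unkown"

  option:add(buffer(off, 2), "Length: " .. buffer(off, 2))
  option:add(buffer(off + 2, 1), "Type: " .. buffer(off + 2, 1) .. "-" .. kind_name)
  option:add(ipv4, buffer(off + 4, 4))
  option:add(buffer(off + 9, 1), "L4-Proto: " .. buffer(off + 9, 1))
  option:add(portNumber, buffer(off + 10, 2))
end

-- Dissect the service-discovery payload that follows the 16-byte header.
-- Only the first entry and the first option are decoded; a second option is
-- shown as raw bytes and further entries are not dissected.
local function someip_dissect_sd(buffer, header_tree)
  if buffer:len() <= SOMEIP_HEADER_LEN then
    someip_flag_truncated(header_tree, "no SD payload after the header")
    return
  end

  local sd_tree = header_tree:add(buffer(16), "SD Payload: " .. buffer(16))
  sd_tree:add(buffer(16, 1), "Flags: " .. buffer(16, 1))

  if not someip_in_bounds(buffer, 20, 4) then
    someip_flag_truncated(sd_tree, "entries-array length is missing")
    return
  end
  sd_tree:add(entriesLength, buffer(20, 4))
  local entries_len = buffer(20, 4):uint()

  -- Decode an entry only when the entries array claims to hold one; otherwise
  -- the bytes at offset 24 belong to whatever follows the (empty) array.
  local entry_off = 24
  if entries_len >= SD_ENTRY_LEN then
    if not someip_in_bounds(buffer, entry_off, SD_ENTRY_LEN) then
      someip_flag_truncated(sd_tree, "first entry runs past the captured data")
      return
    end
    someip_add_sd_entry(buffer, sd_tree, entry_off)
  end

  -- The header length field counts the bytes after itself: 8 remaining header
  -- bytes, 4 bytes of flags/reserved, 4 bytes of entries length, the entries.
  -- Anything beyond that is taken to be the options array.
  if buffer(4, 4):uint() > (12 + 4 + entries_len) then
    -- entries_len is attacker-controlled, so the derived offset is checked
    -- before any range is built from it.
    local opt_len_off = 24 + entries_len
    if not someip_in_bounds(buffer, opt_len_off, 4) then
      someip_flag_truncated(sd_tree, "options-array length lies outside the captured data")
      return
    end
    sd_tree:add(optionsLength, buffer(opt_len_off, 4))

    local options_len = buffer(opt_len_off, 4):uint()
    if options_len > 0 then
      local first_opt = opt_len_off + 4
      if not someip_in_bounds(buffer, first_opt, SD_OPTION_LEN) then
        someip_flag_truncated(sd_tree, "first option runs past the captured data")
        return
      end
      someip_add_sd_option(buffer, sd_tree, first_opt)

      if options_len > SD_OPTION_LEN then
        local second_opt = first_opt + SD_OPTION_LEN
        if someip_in_bounds(buffer, second_opt, SD_OPTION_LEN) then
          sd_tree:add(buffer(second_opt, SD_OPTION_LEN),
            "2nd Option: " .. buffer(second_opt, SD_OPTION_LEN))
        else
          someip_flag_truncated(sd_tree, "second option runs past the captured data")
        end
      end
    end
  end
end

--- Dissect one SOME/IP message.
-- @param buffer Tvb holding the bytes handed over by the UDP/TCP dissector
-- @param pinfo  packet info; only the protocol column is written
-- @param tree   tree item the SOME/IP subtree is added to
-- @return 0 when fewer than 16 bytes were captured (the packet is not claimed);
--         nothing otherwise
function someip_proto.dissector(buffer, pinfo, tree)
  -- Registration is by port only, so arbitrary data can arrive here. Refuse
  -- anything too short to hold the fixed header before touching an offset.
  if buffer:len() < SOMEIP_HEADER_LEN then
    return 0
  end

  pinfo.cols.protocol = "SOME/IP"
  local subtree = tree:add(someip_proto, buffer(), "SOME/IP Protocol Data")
  subtree:add(serviceId, buffer(0, 2))
  subtree:add(methodId, buffer(2, 2))
  subtree:add(length, buffer(4, 4))
  subtree:add(clientId, buffer(8, 2))
  subtree:add(sessionId, buffer(10, 2))
  subtree:add(protocolVersion, buffer(12, 1))
  subtree:add(interfaceVersion, buffer(13, 1))

  -- Message type and return code are shown as text so the symbolic name can
  -- be appended. The original passed buffer(14.1) / buffer(15.1) (a dot where
  -- a comma was meant), which does not select the single byte being labelled.
  local type_range = buffer(14, 1)
  local type_name = SOMEIP_MESSAGE_TYPES[type_range:uint()] or "UNKOWN"
  subtree:add(type_range, "Message Type:" .. type_range .. "-" .. type_name)

  local code_range = buffer(15, 1)
  local code_name = SOMEIP_RETURN_CODES[code_range:uint()] or "E_RESERVED"
  subtree:add(code_range, "Return Code:" .. code_range .. "-" .. code_name)

  -- Service 0xffff with method 0x8100 is treated as service discovery.
  if buffer(0, 2):uint() == 0xffff and buffer(2, 2):uint() == 0x8100 then
    someip_dissect_sd(buffer, subtree)
  elseif buffer:len() > SOMEIP_HEADER_LEN then
    subtree:add(buffer(16), "Payload: " .. buffer(16))
  end
end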
-- Look up the port-keyed dissector tables for both transports.
udp_table = DissectorTable.get("udp.port")
tcp_table = DissectorTable.get("tcp.port")

-- Registration is purely by port number: everything seen on these ports is
-- handed to the SOME/IP dissector, whether or not it really is SOME/IP.
-- 30490 is registered for UDP only; 31000 is the user-defined port and is
-- registered for UDP and TCP.
for _, udp_port in ipairs({ 30490, 31000 }) do
  udp_table:add(udp_port, someip_proto)
end
tcp_table:add(31000, someip_proto)