给Wireshark增加decode as为SMGP和SGIP的步骤

1. 在wireshark安装目录下找到init.lua文件,MAC下位于:/Applications/Wireshark.app/Contents/Resources/share/wireshark

2. 在init.lua同目录下创建sgip.lua和smgp.lua,其内容参考本文结尾

3. 打开init.lua并在结尾增加下面两行:

dofile(DATA_DIR.."sgip.lua")
dofile(DATA_DIR.."smgp.lua")

PS:

1. sgip.lua

-- SGIP.lua
-- SGIP protocol
-- author: h_Davy
do
 local p_SGIP = Proto("SGIP","SGIP","SGIP Protocol")
 local f_Length = ProtoField.uint32("SGIP.length","Message Length",base.DEC)
 local f_CommandId = ProtoField.uint32("SGIP.commandId","Command ID",base.HEX,{[1]="Bind",[0x80000001]="BindResp",[2]="UnBind",[3]="Submit",[0x80000003]="SubmitResp",[4]="Deliver",[0x80000004]="DeliverResp",[5]="Report",[0x80000005]="ReportResp"})
 local f_SequenceId = ProtoField.uint32("SGIP.sequenceId","Sequence ID",base.DEC);
 local f_Data = ProtoField.bytes("SGIP.Data","Data")
 local f_LoginType = ProtoField.uint8("SGIP.loginType","Login Type",base.HEX)
 local f_LoginName = ProtoField.string("SGIP.loginName","Login Name")
 local f_LoginPass = ProtoField.string("SGIP.loginPass","Login Pass")
 local f_Result = ProtoField.uint8("SGIP.result","Result",base.DEC,{[0]="OK"})
 local f_Text = ProtoField.string("SGIP.text")
 local f_SPNumber = ProtoField.string("SGIP.SPNumber","SP Number")
 local f_ChargeNumber = ProtoField.string("SGIP.ChargeNumber","Charge Number")
 local f_UserCount = ProtoField.uint8("SGIP.userCount","User Count",base.DEC)
 local f_UserNumber = ProtoField.string("SGIP.UserNumber","User Number")
 local f_CorpId = ProtoField.string("SGIP.CorpId","CorpId")
 local f_ServiceType = ProtoField.string("SGIP.ServiceType","Service Type")
 local f_FeeType = ProtoField.uint8("SGIP.FeeType","Fee Type")
 local f_FeeValue = ProtoField.string("SGIP.FeeValue","Fee Value")
 local f_GivenValue = ProtoField.string("SGIP.GivenValue","Given Value")
 local f_AgentFlag = ProtoField.uint8("SGIP.AgentFlag","Agent Flag")
 local f_MorelatetoMTFlag = ProtoField.uint8("SGIP.MorelatetoMTFlag","Morelateto MT Flag")
 local f_Priority = ProtoField.uint8("SGIP.Priority","Priority")
 local f_ExpireTime = ProtoField.string("SGIP.ExpireTime","ExpireTime")
 local f_ScheduleTime = ProtoField.string("SGIP.ScheduleTime","ScheduleTime")
 local f_ReportFlag = ProtoField.uint8("SGIP.ReportFlag","ReportFlag")
 local f_TP_pid = ProtoField.uint8("SGIP.TP_pid","TP_pid")
 local f_TP_udhi = ProtoField.uint8("SGIP.TP_udhi","TP_udhi")
 local f_MessageCoding = ProtoField.uint8("SGIP.MessageCoding","MessageCoding")
 local f_MessageType = ProtoField.uint8("SGIP.MessageType","MessageType")
 local f_MessageLength = ProtoField.uint8("SGIP.MessageLength","MessageLength")
 local f_MessageContent = ProtoField.string("SGIP.MessageContent","MessageContent")
 local f_SubmitSequenceNumber = ProtoField.uint32("SGIP.SubmitSequenceNumber","SubmitSequenceNumber")
 local f_ReportType = ProtoField.uint8("SGIP.ReportType","ReportType")
 --local f_UserNumber = ProtoField.string("SGIP.UserNumber","UserNumber")
 local f_State = ProtoField.uint8("SGIP.State","State")
 local f_ErrorCode = ProtoField.uint8("SGIP.ErrorCode","ErrorCode")
 --local f_TP_udhi = ProtoField.uint8("SGIP.TP_udhi","TP_udhi")

 p_SGIP.fields = {f_Length,f_CommandId,f_SequenceId,f_Data,f_LoginType,f_LoginName
 ,f_LoginPass,f_Result,f_Text,f_UserCount,f_SPNumber,f_ChargeNumber,f_UserNumber
 ,f_CorpId,f_ServiceType,f_FeeType,f_FeeValue,f_GivenValue,f_AgentFlag,f_MorelatetoMTFlag
 ,f_Priority,f_ExpireTime,f_ScheduleTime,f_ReportFlag,f_TP_pid,f_TP_udhi,f_MessageCoding
 ,f_MessageType,f_MessageLength,f_MessageContent,f_SubmitSequenceNumber,f_ReportType
 ,f_State,f_ErrorCode}

 local data_dis = Dissector.get("data")
 --
 local function SGIP_Bind(buf,pkt,t)
  --
  t:add(f_LoginType,buf(20,1))
  t:add(f_LoginName,buf(21,16))
  t:add(f_LoginPass,buf(37,16))
 end
 --
 local function SGIP_Submit(buf,pkt,t)
  t:add(f_SPNumber,buf(20,21))
  t:add(f_ChargeNumber,buf(41,21))
  local v_UserCount = buf(62,1)
  t:add(f_UserCount,v_UserCount)
  v_UserCount = v_UserCount:uint()
  -- 目标号码
  local v_curPos = 63
  for i=1,v_UserCount do
   t:add(f_UserNumber,buf(v_curPos,21))
   v_curPos = v_curPos+21
  end
  t:add(f_CorpId,buf(v_curPos,5))
  v_curPos=v_curPos+5
  t:add(f_ServiceType,buf(v_curPos,10))
  v_curPos=v_curPos+10
  t:add(f_FeeType,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_FeeValue,buf(v_curPos,6))
  v_curPos=v_curPos+6
  t:add(f_GivenValue,buf(v_curPos,6))
  v_curPos=v_curPos+6
  t:add(f_AgentFlag,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_MorelatetoMTFlag,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_Priority,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_ExpireTime,buf(v_curPos,16))
  v_curPos=v_curPos+16
  t:add(f_ScheduleTime,buf(v_curPos,16))
  v_curPos=v_curPos+16
  t:add(f_ReportFlag,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_TP_pid,buf(v_curPos,1))
  v_curPos=v_curPos+1
  t:add(f_TP_udhi,buf(v_curPos,1))
  v_curPos=v_curPos+1
  local v_MessageCoding=buf(v_curPos,1)
  t:add(f_MessageCoding,v_MessageCoding)
  v_MessageCoding = v_MessageCoding:uint()
  v_curPos=v_curPos+1
  t:add(f_MessageType,buf(v_curPos,1))
  v_curPos=v_curPos+1
  local v_MessageLength=buf(v_curPos,4)
  t:add(f_MessageLength,v_MessageLength)
  v_MessageLength=v_MessageLength:uint()
  v_curPos=v_curPos+4
  t:add(f_MessageContent,buf(v_curPos,v_MessageLength))
 end
 --
 local function SGIP_Deliver(buf,pkt,t)
  t:add(f_UserNumber,buf(20,21))
  t:add(f_SPNumber,buf(41,21))
  t:add(f_TP_pid,buf(62,1))
  t:add(f_TP_udhi,buf(63,1))
  local v_MessageCoding=buf(64,1)
  t:add(f_MessageCoding,v_MessageCoding)
  v_MessageCoding=v_MessageCoding:uint()
  local v_MessageLength=buf(65,4)
  t:add(f_MessageLength,v_MessageLength)
  v_MessageLength=v_MessageLength:uint()
  t:add(f_MessageContent,buf(69,v_MessageLength))
 end
 --
 local function SGIP_Report(buf,pkt,t)
  --t:add(f_SubmitSequenceNumber,buf(20,12))
  t:add(f_SubmitSequenceNumber,buf(28,4))
  t:add(f_ReportType,buf(32,1))
  t:add(f_UserNumber,buf(33,21))
  t:add(f_State,buf(54,1))
  t:add(f_ErrorCode,buf(55,1))
 end
 --
 local function SGIP_Response(buf,pkt,t)
  t:add(f_Result,buf(20,1))
 end
 --
 local function SGIP_dissector(buf,pkt,root)
  local buf_len = buf:len();
  if buf_len < 8 then return false end
  local v_length = buf(0,4)
  local v_command = buf(4,4)
  local v_sequenceId = buf(16,4)
  pkt.cols.protocol = "SGIP"
  local t = root:add(p_SGIP,buf(0,buf_len))
  t:add(f_Length,v_length)
  t:add(f_CommandId,v_command)
  t:add(f_SequenceId,v_sequenceId)
  --local dt = t:add(f_Data,buf(20,buf_len-20))
  v_command = v_command:uint()
  if v_command == 1 then
   SGIP_Bind(buf,pkt,t)
  elseif v_command == 3 then
   SGIP_Submit(buf,pkt,t)
  elseif v_command == 4 then
   SGIP_Deliver(buf,pkt,t)
  elseif v_command == 5 then
   SGIP_Report(buf,pkt,t)
  elseif v_command > 0x80000000 then
   SGIP_Response(buf,pkt,t)
  else
   t:add(f_Data,buf(20,buf_len-20))
  end
  return true
 end
 function p_SGIP.dissector(buf,pkt,root)
  -- 解析 SGIP
  if SGIP_dissector(buf,pkt,root) then
  else
   -- 使用默认输出
   data_dis:call(buf,pkt,root)
  end
 end

 tcp_table = DissectorTable.get("tcp.port")
 tcp_table:add(8801,p_SGIP)
end

2. smgp.lua

-- SMGP.lua
-- SMGP protocol
-- author: h_Davy
do
 local p_SMGP = Proto("SMGP","SMGP","SMGP Protocol")
 local f_Length = ProtoField.uint32("SMGP.length","Packet Length",base.DEC)
 local f_CommandId = ProtoField.uint32("SMGP.RequestId","Request ID",base.HEX,{
  [1]="Login",      [0x80000001]="LoginResp",
  [2]="Submit",     [0x80000002]="SubmitResp",
  [3]="Deliver",    [0x80000003]="DeliverResp",
  [4]="ActiveTest", [0x80000004]="ActiveTestResp",
  [5]="Forward",    [0x80000005]="ForwardResp",
  [6]="Exit",       [0x80000006]="ExitResp",
  [7]="Query",      [0x80000007]="QueryResp"})
 local f_SequenceId = ProtoField.uint32("SMGP.sequenceId","Sequence ID",base.DEC);
 local f_ClientID = ProtoField.string("SMGP.ClientID","ClientID")
 local f_Authenticator = ProtoField.bytes("SMGP.Authenticator","Authenticator")
 local f_LoginMode = ProtoField.uint8("SMGP.LoginMode","Login Mode",base.DEC)
 local f_TimeStamp = ProtoField.uint32("SMGP.TimeStamp","TimeStamp",base.DEC)
 local f_Version = ProtoField.uint8("SMGP.Version","Version",base.HEX)
 local f_Status = ProtoField.uint32("SMGP.Status","Status",base.DEC,{[0]="OK"})
 local f_MsgType = ProtoField.uint32("SMGP.MsgType","MsgType",base.DEC,{[0]="MO",[6]="MT",[7]="P2P"})
 local f_NeedReport = ProtoField.uint32("SMGP.NeedReport","NeedReport",base.DEC,{[0]="N",[1]="Y"})
 local f_Priority = ProtoField.uint32("SMGP.Priority","Priority",base.DEC)
 local f_ServiceID = ProtoField.string("SMGP.ServiceID","ServiceID")
 local f_FeeType = ProtoField.string("SMGP.FeeType","FeeType")
 local f_FeeCode = ProtoField.string("SMGP.FeeCode","FeeCode")
 local f_FixedFee = ProtoField.string("SMGP.FixedFee","FixedFee")
 local f_MsgFormat = ProtoField.uint32("SMGP.MsgFormat","MsgFormat",base.DEC,{
  [0]="ASCII",[3]="Card",[4]="Binary",[8]="UCS2",[15]="GB18030",[246]="SIM"})
 local f_ValidTime = ProtoField.string("SMGP.ValidTime","ValidTime")
 local f_AtTime = ProtoField.string("SMGP.AtTime","AtTime")
 local f_SrcTermID = ProtoField.string("SMGP.SrcTermID","SrcTermID")
 local f_ChargeTermID = ProtoField.string("SMGP.ChargeTermID","ChargeTermID")
 local f_DestTermIDCount = ProtoField.uint32("SMGP.DestTermIDCount","DestTermIDCount",base.DEC)
 local f_DestTermID = ProtoField.string("SMGP.DestTermID","DestTermID")
 local f_MsgLength = ProtoField.uint8("SMGP.MsgLength","MsgLength",base.DEC)
 local f_MsgContent = ProtoField.string("SMGP.MsgContent","MsgContent")
 local f_MsgID = ProtoField.bytes("SMGP.MsgID","MsgID")
 local f_IsReport = ProtoField.uint8("SMGP.IsReport","IsReport",base.DEC)
 local f_RecvTime = ProtoField.string("SMGP.RecvTime","RecvTime")

 p_SMGP.fields = {f_Length,f_CommandId,f_SequenceId,f_ClientID,f_Authenticator,
 f_LoginMode,f_TimeStamp,f_Version,f_Status,f_MsgType,f_NeedReport,f_Priority,
 f_ServiceID,f_FeeType,f_FeeCode,f_FixedFee,f_MsgFormat,f_ValidTime,f_AtTime,
 f_SrcTermID,f_ChargeTermID,f_DestTermIDCount,f_DestTermID,f_MsgLength,f_MsgContent,
 f_MsgID,f_IsReport,f_RecvTime}

 local data_dis = Dissector.get("data")
 --
 local function SMGP_Login(buf,pkt,t)
  t:add(f_ClientID,buf(12,8))
  t:add(f_Authenticator,buf(20,16))
  t:add(f_LoginMode,buf(36,1))
  t:add(f_TimeStamp,buf(37,4))
  t:add(f_Version,buf(41,1))
 end
 --
 local function SMGP_LoginResp(buf,pkt,t)
  t:add(f_Status,buf(12,4))
  t:add(f_Authenticator,buf(16,16))
  t:add(f_Version,buf(32,1))
 end
 --
 local function SMGP_Submit(buf,pkt,t)
  t:add(f_MsgType,buf(12,1))
  t:add(f_NeedReport,buf(13,1))
  t:add(f_Priority,buf(14,1))
  t:add(f_ServiceID,buf(15,10))
  t:add(f_FeeType,buf(25,2))
  t:add(f_FeeCode,buf(27,6))
  t:add(f_FixedFee,buf(33,6))
  t:add(f_MsgFormat,buf(39,1))
  t:add(f_ValidTime,buf(40,17))
  t:add(f_AtTime,buf(57,17))
  t:add(f_SrcTermID,buf(74,21))
  t:add(f_ChargeTermID,buf(95,21))
  t:add(f_DestTermIDCount,buf(116,1))
  t:add(f_DestTermID,buf(117,21))
  local v_msgLen = buf(138,1)
  t:add(f_MsgLength,v_msgLen)
  v_msgLen = v_msgLen:uint()
  t:add(f_MsgContent,buf(139,v_msgLen))
 end
 --
 local function SMGP_SubDelvResp(buf,pkt,t)
  t:add(f_MsgID,buf(12,10))
  t:add(f_Status,buf(22,4))
 end
 --
 local function SMGP_Deliver(buf,pkt,t)
  t:add(f_MsgID,buf(12,10))
  local v_IsReport = buf(22,1)
  t:add(f_IsReport,v_IsReport)
  v_IsReport = v_IsReport:uint()
  t:add(f_MsgFormat,buf(23,1))
  t:add(f_RecvTime,buf(24,14))
  t:add(f_SrcTermID,buf(38,21))
  t:add(f_DestTermID,buf(59,21))
  local v_msgLen = buf(80,1)
  t:add(f_MsgLength,v_msgLen)
  v_msgLen = v_msgLen:uint()
  if v_IsReport == 1 then
   --
   t:add(f_MsgID,buf(84, 10)):append_text(' (Submit MsgID)')
   t:add(f_MsgContent,buf(94,v_msgLen-13))
  else
   t:add(f_MsgContent,buf(81,v_msgLen))
  end
 end
 --
 local function SMGP_dissector(buf,pkt,root)
  local buf_len = buf:len();
  if buf_len < 8 then return false end
  local v_length = buf(0,4)
  local v_command = buf(4,4)
  local v_sequenceId = buf(8,4)
  pkt.cols.protocol = "SMGP"
  local t = root:add(p_SMGP,buf(0,buf_len))
  t:add(f_Length,v_length)
  t:add(f_CommandId,v_command)
  t:add(f_SequenceId,v_sequenceId)
  --
  v_command = v_command:uint()
  if v_command == 1 then
   SMGP_Login(buf,pkt,t)
  elseif v_command == 2 then
   SMGP_Submit(buf,pkt,t)
  elseif v_command == 3 then
   SMGP_Deliver(buf,pkt,t)
  elseif v_command == 0x80000001 then
   SMGP_LoginResp(buf,pkt,t)
  elseif v_command == 0x80000002 then
   SMGP_SubDelvResp(buf,pkt,t)
  elseif v_command == 0x80000003 then
   SMGP_SubDelvResp(buf,pkt,t)
  elseif v_command > 0x80000000 then
   --
  else
   t:add(f_Data,buf(20,buf_len-20))
  end
  return true
 end
 --
 function p_SMGP.dissector(buf,pkt,root)
  if SMGP_dissector(buf,pkt,root) then
  else
   data_dis:call(buf,pkt,root)
  end
 end

 tcp_table = DissectorTable.get("tcp.port")
 tcp_table:add(8890,p_SMGP)
end
相关文章
相关标签/搜索