moonpfe/ednet.lua

## ednet.lua
p_ednet = Proto ("ednet", "EDNET")

local f = p_ednet.fields

f.magic = ProtoField.uint32("ednet.magic", "MAGIC", base.HEX)
f.crc = ProtoField.uint32("ednet.crc", "CRC", base.HEX)
f.cmd = ProtoField.uint16("ednet.cmd", "CMD", base.HEX)
f.noodles = ProtoField.uint16("ednet.noodles", "NOODLES", base.HEX)
f.len = ProtoField.uint16("ednet.len", "LENGTH", base.DEC)
f.data = ProtoField.bytes("ednet.data", "DATA")

function p_ednet.dissector (buffer, pinfo, tree)
  if buffer:len() == 0 then return end

  if (buffer:len() < 16) then return 0 end

  local length = buffer(15,1):uint() * 2^24
               + buffer(14,1):uint() * 2^16
               + buffer(13,1):uint() * 2^8
               + buffer(12,1):uint()

  local consume = 16 + length;
  if (buffer:len() < consume) then return 0 end

  subtree = tree:add(p_ednet, buffer(0))
  subtree:add_le(f.magic, buffer(0, 4))
  subtree:add_le(f.crc, buffer(4, 4))
  subtree:add_le(f.cmd, buffer(8, 2))
  subtree:add_le(f.noodles, buffer(10, 2))
  subtree:add_le(f.len, buffer(12, 4))

  pinfo.cols.protocol = p_ednet.name
  if buffer(8, 2):uint() == 257 then
    local auth = buffer(16, length)
    subtree:add(f.data, auth)
    pinfo.cols.info = "AUTH("..length..")"
  else
    pinfo.cols.info = ""
  end

  return consume;

end

local tcp_dissector_table = DissectorTable.get("tcp.port")
tcp_dissector_table:add(8081, p_ednet)
	p_ednet = Proto ("ednet", "EDNET")

	local f = p_ednet.fields

	f.magic = ProtoField.uint32("ednet.magic", "MAGIC", base.HEX)
	f.crc = ProtoField.uint32("ednet.crc", "CRC", base.HEX)
	f.cmd = ProtoField.uint16("ednet.cmd", "CMD", base.HEX)
	f.noodles = ProtoField.uint16("ednet.noodles", "NOODLES", base.HEX)
	f.len = ProtoField.uint16("ednet.len", "LENGTH", base.DEC)
	f.data = ProtoField.bytes("ednet.data", "DATA")

	function p_ednet.dissector (buffer, pinfo, tree)
	if buffer:len() == 0 then return end

	if (buffer:len() < 16) then return 0 end

	local length = buffer(15,1):uint() * 2^24
	+ buffer(14,1):uint() * 2^16
	+ buffer(13,1):uint() * 2^8
	+ buffer(12,1):uint()

	local consume = 16 + length;
	if (buffer:len() < consume) then return 0 end

	subtree = tree:add(p_ednet, buffer(0))
	subtree:add_le(f.magic, buffer(0, 4))
	subtree:add_le(f.crc, buffer(4, 4))
	subtree:add_le(f.cmd, buffer(8, 2))
	subtree:add_le(f.noodles, buffer(10, 2))
	subtree:add_le(f.len, buffer(12, 4))

	pinfo.cols.protocol = p_ednet.name
	if buffer(8, 2):uint() == 257 then
	local auth = buffer(16, length)
	subtree:add(f.data, auth)
	pinfo.cols.info = "AUTH("..length..")"
	else
	pinfo.cols.info = ""
	end

	return consume;

	end

	local tcp_dissector_table = DissectorTable.get("tcp.port")
	tcp_dissector_table:add(8081, p_ednet)