Additional parsing for the Couchbase UPR protocol in Wireshark
-- NOTE: This is GPLv2 because it uses the Wireshark API
-- This program is free software; you can redistribute it and/or
-- modify it under the terms of the GNU General Public License
-- as published by the Free Software Foundation; either version 2
-- of the License, or (at your option) any later version.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-- create Couchbase UPR protocol and its fields
-- Protocol object for the additional UPR decoding. It is assigned without
-- `local`, so it ends up in the global environment.
p_cbupr = Proto ("cbupr", "Couchbase UPR Protocol")
-- Fields that this dissector adds to its own subtree.
local f = p_cbupr.fields
f.opcode = ProtoField.uint8("cbupr.opcode", "Opcode", base.HEX)
f.vbucket = ProtoField.uint16("cbupr.vbucket", "vBucket")
-- Handle to the memcache dissector; declared here so the dissector function
-- can see it, and assigned by the registration code at the end of the file.
local memcache_dissector
-- Field extractors for values decoded by the memcache dissector. They are
-- created at load time and called per packet inside p_cbupr.dissector, after
-- memcache_dissector:call() has run. Each call may yield nil when the field
-- is not present in the packet.
local memcache_magic_f = Field.new("memcache.magic")
local memcache_opcode_f = Field.new("memcache.opcode")
local memcache_reserved_f = Field.new("memcache.reserved")
-- cbupr dissector function
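-- Names of the UPR opcodes in the 0x50-0x5f range. Built once at load time
-- instead of on every packet, and kept local so it no longer leaks into the
-- global environment.
local cbupr_opcodes = {
  [0x50] = "Open Connection",
  [0x51] = "Add Stream",
  [0x52] = "Close Stream",
  [0x53] = "Stream Request",
  [0x54] = "Log Request",
  [0x55] = "Stream End",
  [0x56] = "Snapshot Marker",
  [0x57] = "Mutation",
  [0x58] = "Deletion",
  [0x59] = "Expiration",
  [0x5a] = "Flush",
  [0x5b] = "Set vBucket State"
}

--- Dissect a Couchbase UPR packet on top of the memcache dissector.
-- The memcache dissector does the header parsing; this function reads the
-- magic, opcode and reserved fields it produced, names the UPR opcode in the
-- info column and adds a "cbupr" subtree with the opcode and vBucket ID.
-- @param buf  packet buffer (Tvb)
-- @param pkt  packet info (Pinfo); its protocol and info columns are updated
-- @param root tree root the cbupr subtree is attached to
function p_cbupr.dissector (buf, pkt, root)
  -- validate packet length is adequate, otherwise quit
  if buf:len() == 0 then return end

  -- The lookup on port 11211 at registration time can return nil; calling a
  -- method on nil would raise a Lua error for every packet on this port.
  if not memcache_dissector then return end
  memcache_dissector:call(buf, pkt, root)

  -- Only the first occurrence of each field is used. NOTE(review): a segment
  -- carrying several memcache PDUs presumably yields several values here, and
  -- the later ones are ignored -- confirm against a capture.
  local memcache_magic = memcache_magic_f()
  local memcache_opcode = memcache_opcode_f()
  local memcache_reserved = memcache_reserved_f()

  -- Captured bytes are untrusted: a truncated or non-memcache payload leaves
  -- these fields unset. Without an opcode there is nothing to annotate, so
  -- keep whatever the memcache dissector displayed instead of indexing nil.
  if not memcache_opcode then return end
  local opcode = memcache_opcode.value

  pkt.cols.protocol = p_cbupr.name

  -- create subtree for cbupr
  local subtree = root:add(p_cbupr, buf(0))

  if opcode >= 0x50 and opcode < 0x60 then
    -- 0x5c-0x5f pass the range check but have no table entry; give them a
    -- printable label rather than assigning nil to the info column.
    local request = cbupr_opcodes[opcode]
      or string.format("Unknown UPR opcode 0x%02x", opcode)
    pkt.cols.info = request
    if memcache_magic and memcache_magic.value == 0x81 then
      pkt.cols.info:append(" Response")
    end
  end

  -- add the vBucket ID to the info message
  if memcache_reserved then
    pkt.cols.info:append(", vBucket: " .. memcache_reserved.value)
    subtree:add(f.vbucket, memcache_reserved.value)
  end

  subtree:add(f.opcode, opcode)
end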
-- Initialization routine
function p_cbupr.init()
-- Intentionally empty: nothing is set up or reset here.
end
-- register a chained dissector for port 12000
-- The TCP port table is used twice: to fetch the memcache dissector and to
-- register this one.
local tcp_dissector_table = DissectorTable.get("tcp.port")
-- get the memcached dissector so that we don't need to do the hard work
-- NOTE(review): this takes whatever dissector is registered on TCP port 11211.
-- If none is registered there (presumably when the memcache protocol is
-- disabled or configured for another port), the result is nil, so
-- p_cbupr.dissector must not call it unguarded -- confirm.
memcache_dissector = tcp_dissector_table:get_dissector(11211)
-- Only TCP port 12000 is registered for cbupr here; the port is hard-coded.
tcp_dissector_table:add(12000, p_cbupr)