API tools faq
paste
Advertisement
gmarler

udprecv-info.lua

gmarler
Sep 11th, 2013
848
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Lua 2.09 KB | None | 0 0
raw download clone embed print report
  1. do
  2.     -- For each dest port we see a packet destined for, store the private "sequence #"
  3.     -- we extracted from the UDP packet, so we can deduce which sequence number should
  4.     -- be next
  5.     local port_seq = {}
  6.    
  7.     -- create the dissector
  8.     local udprecv = Proto("udprecv", "Dissector for our UDPrecv Receive Tester")
  9.    
  10.     -- Put one time initialization code here
  11.     function udprecv.init()
  12.     end
  13.    
  14.     -- field definitions for our protocol that tell wireshark
  15.     -- how to parse and display the useful chunks of data
  16.     local f = udprecv.fields
  17.     f.seq = ProtoField.uint64("udprecv.seq", "seq")
  18.    
  19.     -- The dissector function is called for each captured packet for protocol
  20.     -- that we subscribed
  21.     function udprecv.dissector(buffer, pinfo, tree)
  22.        
  23.         -- Adding fields to the tree
  24.         local subtree = tree:add(udprecv, buffer())
  25.         -- find the chunk of buffer that holds our private "seq #", which starts at 8 bytes
  26.         -- from the beginning of the packet, and is 8 bytes long
  27.         local seq = buffer(8, 8)
  28.        
  29.         if not pinfo.visited then
  30.             local port_str = tostring(pinfo.dst_port)
  31.             if not port_seq[port_str] then
  32.                 -- we've never seen this port before, so add it to port_seq, initializing
  33.                 -- to our private "sequence number" that we've extracted from the packet
  34.                 port_seq[port_str] = seq
  35.             else
  36.                 -- we've seen traffic to this port before, so take the last "sequence number"
  37.                 -- we saw, increment by one, and compare it with the sequence # we just
  38.                 -- extracted from the packet
  39.                 warn(port_seq[port_str])
  40.                 local expected = port_seq[port_str] + 1;
  41.                
  42.                 if seq ~= expected then
  43.                     warn("not sequential")
  44.                     -- pinfo.cols.info = "SEQ: "..seq.." is Invalid!"
  45.                 else
  46.                     info("it was equal")
  47.                 end
  48.                 -- Regardless of what we found, set the current sequence number received
  49.                 -- for this UDP port
  50.                 port_seq[port_str] = { seq }
  51.             end
  52.         end
  53.         subtree:add(f.seq, seq)
  54.     end
  55.  
  56.     -- subscribe for UDP packets on ports 30300-30303
  57.     local udp_table = DissectorTable.get("udp.port")
  58.     for i,port in ipairs{30300,30301,30302,30303} do
  59.       udp_table:add(port,udprecv);
  60.     end
  61. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!