From c52c5a71d3103ac26d8b7bdf1fc1dcda95588197 Mon Sep 17 00:00:00 2001 From: Amit Geynis Date: Sun, 5 May 2019 16:45:49 +0300 Subject: [PATCH 1/2] Info column for SD --- sd_entries.lua | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/sd_entries.lua b/sd_entries.lua index 30da7f0..91a11a6 100644 --- a/sd_entries.lua +++ b/sd_entries.lua @@ -21,10 +21,16 @@ local f_e_cnt = ProtoField.uint8("sd.e.cnt","Counter",base.DEC,nil,0x0f) local f_e_egrp_id = ProtoField.uint8("sd.e.egrp_id","EventGroup_ID",base.HEX) local e_types = { - [0] = "FIND_SERVICE", -- 0x00 - [1] = "OFFER_SERVICE", -- 0x01 + [0] = "FIND SERVICE", -- 0x00 + [1] = "OFFER SERVICE", -- 0x01 [6] = "SUBSCRIBE", -- 0x06 - [7] = "SUBSCRIBE_ACK" -- 0x07 + [7] = "SUBSCRIBE ACK" -- 0x07 +} + +local e_negative_types = { + [1] = "STOP OFFER SERVICE", -- 0x01 + [6] = "STOP SUBSCRIBE", -- 0x06 + [7] = "SUBSCRIBE NACK" -- 0x07 } p_sd_ents.fields = {f_e_type,f_e_o1_i,f_e_o2_i,f_e_o1_n,f_e_o2_n,f_e_srv_id,f_e_inst_id,f_e_v_major,f_e_ttl,f_e_v_minor,f_e_reserved,f_e_init_req,f_e_reserved2,f_e_cnt,f_e_egrp_id} @@ -38,10 +44,21 @@ function p_sd_ents.dissector(buf,pinfo,root) -- parse entries (NOTE : some extra variables to easen understanding) local e_len_parsed = 0 + local info_col = "" while e_len_parsed < e_len do - local i_parse = parse_entries(root,buf(offset,(e_len-e_len_parsed))) + local i_parse, e_type_u8, ttl = parse_entries(root,buf(offset,(e_len - e_len_parsed))) e_len_parsed = e_len_parsed + i_parse + if (ttl ~= 0) then + info_col = info_col .. e_types[e_type_u8] .. ", " + else + info_col = info_col .. e_negative_types[e_type_u8] .. ", " offset = offset + i_parse + end + end + + if (info_col ~= "") then + -- Replace info column + pinfo.cols.info = info_col:sub(0, -3) end end @@ -96,6 +113,7 @@ function parse_entries(subtree,buf) offset = offset + 1 -- TTL e_subtree:add(f_e_ttl,buf(offset,3)) + local ttl = buf(offset,3):uint() offset = offset + 3 -- SERVICE / EVENTGROUP entries @@ -121,5 +139,5 @@ function parse_entries(subtree,buf) offset = offset + 2 end - return(offset) + return offset, type_u8, ttl end From 30684c5b79fca9d08fb393de06baa85e75e711b1 Mon Sep 17 00:00:00 2001 From: Amit Geynis Date: Sun, 5 May 2019 17:05:30 +0300 Subject: [PATCH 2/2] 1. Fix for data above SOME/IP feature 2. Added message type as info column --- someip.lua | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/someip.lua b/someip.lua index 806ed16..2489cde 100644 --- a/someip.lua +++ b/someip.lua @@ -8,7 +8,7 @@ local lshift, rshift = bit.lshift,bit.rshift local tohex = bit.tohex -- SOME/IP protocol -local SOMEIP_SD_OFFSET = 16 +local SOMEIP_LENGTH = 16 p_someip = Proto("someip","SOME/IP") @@ -29,27 +29,27 @@ local f_more_seg = ProtoField.uint8("someip.tp_more_segments","More Segments" local msg_types = { [0] = "REQUEST", -- 0x00 - [1] = "REQUEST_NO_RETURN", -- 0x01 + [1] = "REQUEST NO RETURN", -- 0x01 [2] = "NOTIFICATION", -- 0x02 - [64] = "REQUEST_ACK", -- 0x40 - [65] = "REQUEST_NO_RETURN_ACK", -- 0x41 - [66] = "NOTIFICATION_ACK", -- 0x42 + [64] = "REQUEST ACK", -- 0x40 + [65] = "REQUEST NO RETURN ACK", -- 0x41 + [66] = "NOTIFICATION ACK", -- 0x42 [128] = "RESPONSE", -- 0x80 [129] = "ERROR", -- 0x81 - [192] = "RESPONSE_ACK", -- 0xc0 - [193] = "ERROR_ACK", -- 0xc1 + [192] = "RESPONSE ACK", -- 0xc0 + [193] = "ERROR ACK", -- 0xc1 -- SOME/IP - Transport Protocol (SOME/IP-TP) [32] = "REQUEST Segment", -- 0x20 - [33] = "REQUEST_NO_RETURN Segment", -- 0x21 + [33] = "REQUEST NO RETURN Segment", -- 0x21 [34] = "NOTIFICATION Segment", -- 0x22 - [96] = "REQUEST_ACK Segment", -- 0x60 - [97] = "REQUEST_NO_RETURN_ACK Segment", -- 0x61 - [98] = "NOTIFICATION_ACK Segment", -- 0x62 + [96] = "REQUEST ACK Segment", -- 0x60 + [97] = "REQUEST NO RETURN ACK Segment", -- 0x61 + [98] = "NOTIFICATION ACK Segment", -- 0x62 [160] = "RESPONSE Segment", -- 0xa0 [161] = "ERROR Segment", -- 0xa1 - [224] = "RESPONSE_ACK Segment", -- 0xe0 - [225] = "ERROR_ACK Segment" -- 0xe1 + [224] = "RESPONSE ACK Segment", -- 0xe0 + [225] = "ERROR ACK Segment" -- 0xe1 } local ret_codes = { [0] = "E_OK", @@ -124,6 +124,8 @@ function p_someip.dissector(buf,pinfo,root) type:append_text(" (" .. msg_types[buf(14,1):uint()] ..")") end + pinfo.cols.info = msg_types[buf(14,1):uint()] + -- Return Code local rcode = subtree:add(f_rc,buf(15,1)) if ret_codes[buf(15,1):uint()] ~= nil then @@ -138,17 +140,17 @@ function p_someip.dissector(buf,pinfo,root) local more_seg = subtree:add(f_more_seg,buf(19,1)) if band(buf(19,1):uint(),0x01) == 0 then more_seg:append_text(" (Last Segment)") - pinfo.cols.info = "TP Segment Offset=" .. tp_offset .. " More=False" + pinfo.cols.info = msg_types[buf(14,1):uint()] .. " Offset=" .. tp_offset .. " More=False" else more_seg:append_text(" (Another segment follows)") - pinfo.cols.info = "TP Segment Offset=" .. tp_offset .. " More=True" + pinfo.cols.info = msg_types[buf(14,1):uint()] .. " Offset=" .. tp_offset .. " More=True" end end -- SD payload -- -- - if (buf(0,4):uint() == 0xffff8100) and (buf:len() > SOMEIP_SD_OFFSET) then - Dissector.get("sd"):call(buf(SOMEIP_SD_OFFSET):tvb(),pinfo,root) + if (buf(0,4):uint() == 0xffff8100) and (buf:len() > SOMEIP_LENGTH) then + Dissector.get("sd"):call(buf(SOMEIP_LENGTH):tvb(),pinfo,root) elseif (buf:len() > SOMEIP_LENGTH) then Dissector.get("data"):call(buf(SOMEIP_LENGTH):tvb(),pinfo,root) end @@ -167,4 +169,3 @@ function p_someip.init() tcp_dissector_table:add(port,p_someip) end end -