Skip to content

Instantly share code, notes, and snippets.

@kenodai

kenodai/wolf_ism8i.lua

Created April 19, 2024 11:45
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save kenodai/c60acf0cc08744eff151be05ddec16f4 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save kenodai/c60acf0cc08744eff151be05ddec16f4 to your computer and use it in GitHub Desktop.
Download ZIP
Simple Wolf ISM8i Wireshark Dissector
Raw
wolf_ism8i.lua
ism8i = Proto("ISM8i", "Wolf ISM8i Protocol")
header_size = ProtoField.uint8("ism8i.header_size", "Header Size", base.HEX)
version = ProtoField.uint8("ism8i.version", "Version", base.HEX)
os_request = ProtoField.uint16("ism8i.os_request", "ObjectServer request", base.HEX)
frame_size = ProtoField.uint16("ism8i.frame_size", "Frame Size", base.DEC)
struc_length = ProtoField.uint8("ism8i.struc_length", "Structure Length", base.DEC)
main_service = ProtoField.uint8("ism8i.main_service", "Main Service", base.HEX)
sub_service = ProtoField.uint8("ism8i.sub_service", "Sub Service", base.HEX)
num_dps = ProtoField.uint16("ism8i.num_dps", "Number of Datapoints", base.DEC)
dp_id = ProtoField.uint16("ism8i.dp_id", "Datapoint ID", base.DEC)
dp_cmd = ProtoField.uint16("ism8i.dp_cmd", "Datapoint Command", base.DEC)
dp_length = ProtoField.uint16("ism8i.dp_length", "Datapoint Length", base.DEC)
dp_value = ProtoField.uint16("ism8i.dp_value", "Datapoint Value", base.DEC)
ism8i.fields = { header_size, version, os_request, frame_size, struc_length, main_service, sub_service, num_dps,
dp_id, dp_cmd, dp_length, dp_value
}
function ism8i.dissector(buffer, pinfo, tree)
length = buffer:len()
if length == 0 then return end
pinfo.cols.protocol = ism8i.name
local subtree = tree:add(ism8i, buffer(), "Wolf ISM8i Protocol Data")
subtree:add(header_size, buffer(0,1))
subtree:add(version, buffer(1,1))
subtree:add(os_request, buffer(2,2))
subtree:add(frame_size, buffer(4,2))
subtree:add(struc_length, buffer(6,1))
subtree:add(main_service, buffer(10,1))
local sub = buffer(11,1):le_uint()
if sub == 6 then
subtree:add(sub_service, buffer(11,1)):append_text(" (SetDatapointValue.Req)")
subtree:add(num_dps, buffer(14, 2))
local dps = buffer(14,2):uint()
dp_start = 14
for i = 1,dps do
local dp_tree = subtree:add(ism8i, buffer(), "Datapoint ".. i)
dp_tree:add(dp_id, buffer(dp_start + 2, 2))
dp_tree:add(dp_cmd, buffer(dp_start + 4, 1))
dp_tree:add(dp_length, buffer(dp_start + 5, 1))
local length = buffer(dp_start+5, 1):uint()
if length > 0 then
dp_tree:add(dp_value, buffer(dp_start+6,length))
end
dp_start = dp_start + 6 + length
end
elseif sub == 134 then
subtree:add(sub_service, sub):append_text(" (SetDatapointValue.Res)")
elseif sub == 193 then
subtree:add(sub_service, sub):append_text(" (DatapointValue.Ind)")
end
end
local tcp_port = DissectorTable.get("tcp.port")
tcp_port:add(12004, ism8i)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment