Wireshark 解析中国电信的 SMGP 协议的 lua 脚本。
-- SMGP.lua -- SMGP protocol -- author: h_Davy do local p_SMGP = Proto("SMGP","SMGP","SMGP Protocol") local f_Length = ProtoField.uint32("SMGP.length","Packet Length",base.DEC) local f_CommandId = ProtoField.uint32("SMGP.RequestId","Request ID",base.HEX,{ [1]="Login", [0x80000001]="LoginResp", [2]="Submit", [0x80000002]="SubmitResp", [3]="Deliver", [0x80000003]="DeliverResp", [4]="ActiveTest", [0x80000004]="ActiveTestResp", [5]="Forward", [0x80000005]="ForwardResp", [6]="Exit", [0x80000006]="ExitResp", [7]="Query", [0x80000007]="QueryResp"}) local f_SequenceId = ProtoField.uint32("SMGP.sequenceId","Sequence ID",base.DEC); local f_ClientID = ProtoField.string("SMGP.ClientID","ClientID") local f_Authenticator = ProtoField.bytes("SMGP.Authenticator","Authenticator") local f_LoginMode = ProtoField.uint8("SMGP.LoginMode","Login Mode",base.DEC) local f_TimeStamp = ProtoField.uint32("SMGP.TimeStamp","TimeStamp",base.DEC) local f_Version = ProtoField.uint8("SMGP.Version","Version",base.HEX) local f_Status = ProtoField.uint32("SMGP.Status","Status",base.DEC,{[0]="OK"}) local f_MsgType = ProtoField.uint32("SMGP.MsgType","MsgType",base.DEC,{[0]="MO",[6]="MT",[7]="P2P"}) local f_NeedReport = ProtoField.uint32("SMGP.NeedReport","NeedReport",base.DEC,{[0]="N",[1]="Y"}) local f_Priority = ProtoField.uint32("SMGP.Priority","Priority",base.DEC) local f_ServiceID = ProtoField.string("SMGP.ServiceID","ServiceID") local f_FeeType = ProtoField.string("SMGP.FeeType","FeeType") local f_FeeCode = ProtoField.string("SMGP.FeeCode","FeeCode") local f_FixedFee = ProtoField.string("SMGP.FixedFee","FixedFee") local f_MsgFormat = ProtoField.uint32("SMGP.MsgFormat","MsgFormat",base.DEC,{ [0]="ASCII",[3]="Card",[4]="Binary",[8]="UCS2",[15]="GB18030",[246]="SIM"}) local f_ValidTime = ProtoField.string("SMGP.ValidTime","ValidTime") local f_AtTime = ProtoField.string("SMGP.AtTime","AtTime") local f_SrcTermID = ProtoField.string("SMGP.SrcTermID","SrcTermID") local f_ChargeTermID = ProtoField.string("SMGP.ChargeTermID","ChargeTermID") local f_DestTermIDCount = ProtoField.uint32("SMGP.DestTermIDCount","DestTermIDCount",base.DEC) local f_DestTermID = ProtoField.string("SMGP.DestTermID","DestTermID") local f_MsgLength = ProtoField.uint8("SMGP.MsgLength","MsgLength",base.DEC) local f_MsgContent = ProtoField.string("SMGP.MsgContent","MsgContent") local f_MsgID = ProtoField.bytes("SMGP.MsgID","MsgID") local f_IsReport = ProtoField.uint8("SMGP.IsReport","IsReport",base.DEC) local f_RecvTime = ProtoField.string("SMGP.RecvTime","RecvTime") p_SMGP.fields = {f_Length,f_CommandId,f_SequenceId,f_ClientID,f_Authenticator, f_LoginMode,f_TimeStamp,f_Version,f_Status,f_MsgType,f_NeedReport,f_Priority, f_ServiceID,f_FeeType,f_FeeCode,f_FixedFee,f_MsgFormat,f_ValidTime,f_AtTime, f_SrcTermID,f_ChargeTermID,f_DestTermIDCount,f_DestTermID,f_MsgLength,f_MsgContent, f_MsgID,f_IsReport,f_RecvTime} local data_dis = Dissector.get("data") -- local function SMGP_Login(buf,pkt,t) t:add(f_ClientID,buf(12,8)) t:add(f_Authenticator,buf(20,16)) t:add(f_LoginMode,buf(36,1)) t:add(f_TimeStamp,buf(37,4)) t:add(f_Version,buf(41,1)) end -- local function SMGP_LoginResp(buf,pkt,t) t:add(f_Status,buf(12,4)) t:add(f_Authenticator,buf(16,16)) t:add(f_Version,buf(32,1)) end -- local function SMGP_Submit(buf,pkt,t) t:add(f_MsgType,buf(12,1)) t:add(f_NeedReport,buf(13,1)) t:add(f_Priority,buf(14,1)) t:add(f_ServiceID,buf(15,10)) t:add(f_FeeType,buf(25,2)) t:add(f_FeeCode,buf(27,6)) t:add(f_FixedFee,buf(33,6)) t:add(f_MsgFormat,buf(39,1)) t:add(f_ValidTime,buf(40,17)) t:add(f_AtTime,buf(57,17)) t:add(f_SrcTermID,buf(74,21)) t:add(f_ChargeTermID,buf(95,21)) t:add(f_DestTermIDCount,buf(116,1)) t:add(f_DestTermID,buf(117,21)) local v_msgLen = buf(138,1) t:add(f_MsgLength,v_msgLen) v_msgLen = v_msgLen:uint() t:add(f_MsgContent,buf(139,v_msgLen)) end -- local function SMGP_SubDelvResp(buf,pkt,t) t:add(f_MsgID,buf(12,10)) t:add(f_Status,buf(22,4)) end -- local function SMGP_Deliver(buf,pkt,t) t:add(f_MsgID,buf(12,10)) local v_IsReport = buf(22,1) t:add(f_IsReport,v_IsReport) v_IsReport = v_IsReport:uint() t:add(f_MsgFormat,buf(23,1)) t:add(f_RecvTime,buf(24,14)) t:add(f_SrcTermID,buf(38,21)) t:add(f_DestTermID,buf(59,21)) local v_msgLen = buf(80,1) t:add(f_MsgLength,v_msgLen) v_msgLen = v_msgLen:uint() if v_IsReport == 1 then -- t:add(f_MsgID,buf(84, 10)):append_text(' (Submit MsgID)') t:add(f_MsgContent,buf(94,v_msgLen-13)) else t:add(f_MsgContent,buf(81,v_msgLen)) end end -- local function SMGP_dissector(buf,pkt,root) local buf_len = buf:len(); if buf_len < 8 then return false end local v_length = buf(0,4) local v_command = buf(4,4) local v_sequenceId = buf(8,4) pkt.cols.protocol = "SMGP" local t = root:add(p_SMGP,buf(0,buf_len)) t:add(f_Length,v_length) t:add(f_CommandId,v_command) t:add(f_SequenceId,v_sequenceId) -- v_command = v_command:uint() if v_command == 1 then SMGP_Login(buf,pkt,t) elseif v_command == 2 then SMGP_Submit(buf,pkt,t) elseif v_command == 3 then SMGP_Deliver(buf,pkt,t) elseif v_command == 0x80000001 then SMGP_LoginResp(buf,pkt,t) elseif v_command == 0x80000002 then SMGP_SubDelvResp(buf,pkt,t) elseif v_command == 0x80000003 then SMGP_SubDelvResp(buf,pkt,t) elseif v_command > 0x80000000 then -- else t:add(f_Data,buf(20,buf_len-20)) end return true end -- function p_SMGP.dissector(buf,pkt,root) if SMGP_dissector(buf,pkt,root) then else data_dis:call(buf,pkt,root) end end tcp_table = DissectorTable.get("tcp.port") tcp_table:add(8890,p_SMGP) end
0 comments:
Post a Comment