diff options
Diffstat (limited to 'wireshark/txhdr.lua')
-rw-r--r-- | wireshark/txhdr.lua | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/wireshark/txhdr.lua b/wireshark/txhdr.lua new file mode 100644 index 0000000..fc8db21 --- /dev/null +++ b/wireshark/txhdr.lua @@ -0,0 +1,47 @@ +local p = Proto("txhdr", "Hardware TX header") + +-- based off <https://www.problemkaputt.de/gbatek.htm#dswifihardwareheaders> + +p.fields.unknown = ProtoField.bytes("txhdr.unknown", "Unknown") + +p.fields.status = ProtoField.uint16("txhdr.status", "Status", base.DEC, { + [0x00] = "Retrying?", + [0x01] = "OK", + [0x03] = "Failed", + [0x05] = "Failed", +}, 0x00ff) +p.fields.new = ProtoField.bool("txhdr.new", "New frame") +p.fields.rate = ProtoField.uint8("txhdr.rate", "Transfer rate", base.HEX, { + [0x0a] = "1 Mbit/s", + [0x14] = "2 Mbit/s", +}) +p.fields.channel = ProtoField.uint8("txhdr.channel", "802.11 channel") +p.fields.length = ProtoField.uint16("txhdr.len", "Remaining message length") + +local ieee_dissector = Dissector.get("ieee") + +function p.dissector(buffer, pinfo, tree) + local header_size = 12 + -- check buffer size + if buffer:len() < header_size then return 0 end + + local subtree = tree:add(p, buffer(0, header_size), string.format("%s: %d bytes", p.description, header_size)) + + subtree:add_le(p.fields.status, buffer(0x00, 2)) + subtree:add_le(p.fields.new, buffer(0x02, 2)) + subtree:add_le(p.fields.unknown, buffer(0x04, 1)) + subtree:add_le(p.fields.unknown, buffer(0x05, 1)) + subtree:add_le(p.fields.unknown, buffer(0x06, 2)) + subtree:add_le(p.fields.rate, buffer(0x08, 1)) + subtree:add_le(p.fields.channel, buffer(0x09, 1)) + subtree:add_le(p.fields.length, buffer(0x0a, 2)) + local length = buffer(0x0a, 2):le_uint() + + -- pretty wireshark shit + pinfo.cols.protocol = p.name + + ieee_dissector:call(buffer(header_size, length):tvb(), pinfo, tree) + + return header_size +end + |