aboutsummaryrefslogtreecommitdiff
path: root/wireshark
diff options
context:
space:
mode:
Diffstat (limited to 'wireshark')
-rw-r--r--wireshark/ethers8
-rw-r--r--wireshark/pictochat.lua52
2 files changed, 40 insertions, 20 deletions
diff --git a/wireshark/ethers b/wireshark/ethers
new file mode 100644
index 0000000..b60d4ec
--- /dev/null
+++ b/wireshark/ethers
@@ -0,0 +1,8 @@
+00:09:bf:11:22:33 Default_firmware_MAC
+03:09:bf:00:00:00 Multiplayer_CMD
+03:09:bf:00:00:10 Multiplayer_Reply
+03:09:bf:00:00:03 Multiplayer_ACK
+00:f0:77:77:77:77 Access_point
+10:00:de:ad:be:ef Instance_1_(lork)
+20:00:de:ae:02:ff Instance_2_(lork2)
+ff:ff:ff:ff:ff:ff Broadcast
diff --git a/wireshark/pictochat.lua b/wireshark/pictochat.lua
index 4927a9b..13a2722 100644
--- a/wireshark/pictochat.lua
+++ b/wireshark/pictochat.lua
@@ -1,28 +1,29 @@
local pc = Proto("pictochat", "Nintendo DS PictoChat")
+
+pc.fields.unknown = ProtoField.bytes("pictochat.unknown", "Unknown")
+
pc.fields.msg_type = ProtoField.uint16("pictochat.msg_type", "Frame type", base.DEC, {
- [0] = "Message",
- [1] = "???",
+ [0] = "Normal", -- Used for actual messages, ack packets
+ [1] = "Announcement", -- TODO: send broadcast???
})
pc.fields.resend = ProtoField.uint16("pictochat.resend", "Resend", base.DEC, {
[0] = "Resend",
[2] = "Original",
})
--- TODO: 6 bytes unknown
pc.fields.length = ProtoField.uint16("pictochat.length", "Message length")
--- TODO: 4 bytes unknown
-pc.fields.mp_sender = ProtoField.ether("pictochat.mp_sender", "Multiplayer sender MAC")
-pc.fields.sender = ProtoField.ether("pictochat.sender", "Sender MAC")
-pc.fields.unknown_counter = ProtoField.uint16("pictochat.unknown_counter", "Unknown counter")
--- TODO: 14 bytes unknown
+pc.fields.host = ProtoField.ether("pictochat.host", "Room host")
+pc.fields.src = ProtoField.ether("pictochat.src", "Source")
+pc.fields.dst = ProtoField.ether("pictochat.dst", "dstination")
pc.fields.content_offset = ProtoField.uint16("pictochat.content_offset", "Content offset")
pc.fields.content = ProtoField.bytes("pictochat.content", "Content")
pc.fields.sequence = ProtoField.uint16("pictochat.sequence", "Packet sequence")
-pc.fields.unknown_constant = ProtoField.bytes("pictochat.unknown_constant", "unknown_constant")
local nifi_length_field = Field.new("nifi.length")
local pc_msg_type_field = Field.new("pictochat.msg_type")
+local pc_length_field = Field.new("pictochat.length")
local pc_resend_field = Field.new("pictochat.resend")
-local pc_sender_field = Field.new("pictochat.sender")
+local pc_src_field = Field.new("pictochat.src")
+local pc_dst_field = Field.new("pictochat.dst")
function pc.dissector(buffer, pinfo, tree)
local header_length = nifi_length_field()()
@@ -35,18 +36,29 @@ function pc.dissector(buffer, pinfo, tree)
pc_tree:add_le(pc.fields.msg_type, buffer(0x00, 2))
pc_tree:add_le(pc.fields.resend, buffer(0x02, 2))
pc_tree:add_le(pc.fields.length, buffer(0x0a, 2))
- pc_tree:add_le(pc.fields.mp_sender, buffer(0x10, 6))
- pc_tree:add_le(pc.fields.sender, buffer(0x16, 6))
- pc_tree:add_le(pc.fields.sender, buffer(0x1c, 6)) -- copy
- pc_tree:add_le(pc.fields.unknown_counter, buffer(0x22, 2))
- pc_tree:add_le(pc.fields.content_offset, buffer(0x32, 2))
- pc_tree:add(pc.fields.content, buffer(0x36, 0xa0))
- pc_tree:add_le(pc.fields.sequence, buffer(0xd6, 2))
- pc_tree:add_le(pc.fields.resend, buffer(0xd8, 2)) -- copy
- pc_tree:add(pc.fields.unknown_constant, buffer(0xda, 4))
+ pc_tree:add_le(pc.fields.host, buffer(0x10, 6))
+ pc_tree:add_le(pc.fields.src, buffer(0x16, 6))
+ pc_tree:add_le(pc.fields.dst, buffer(0x1c, 6))
+ pc_tree:add_le(pc.fields.unknown, buffer(0x22, 2))
+ pc_tree:add_le(pc.fields.unknown, buffer(0x24, 2))
+
+ local msg_type = pc_msg_type_field()()
+ if msg_type == 0 then -- type = Normal (TODO: this should be 'message = drawing')
+ pc_tree:add_le(pc.fields.content_offset, buffer(0x32, 2))
+
+ local content_length = pc_length_field()() - 50 -- TODO: why 50?
+ buffer = buffer(0x36)
+ pc_tree:add(pc.fields.content, buffer(0, content_length))
+ buffer = buffer(content_length)
+
+ pc_tree:add_le(pc.fields.sequence, buffer(0x00, 2))
+ pc_tree:add_le(pc.fields.resend, buffer(0x02, 2)) -- copy
+ pc_tree:add(pc.fields.unknown, buffer(0x04, 4))
+ end
pinfo.cols.protocol = pc.name
- pinfo.cols.src = tostring(pc_sender_field())
+ pinfo.cols.src = tostring(pc_src_field())
+ pinfo.cols.dst = tostring(pc_dst_field())
pinfo.cols.info = pc_msg_type_field().display .. ", " .. pc_resend_field().display
end