1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
-- NOTE: my system is little-endian, so the .pcap files and this decoder expect
-- little endian
local nifi = Proto("nifi", "Nintendo DS ni-fi")
nifi.fields.magic = ProtoField.uint32("nifi.magic", "Magic", base.HEX)
nifi.fields.senderid = ProtoField.int32("nifi.senderid", "SenderID", base.DEC)
nifi.fields.type = ProtoField.new("Type", "nifi.type", ftypes.UINT32)
nifi.fields.type_enum = ProtoField.uint16("nifi.type.enum", "Numeric message type enum", base.DEC, {
[0] = "Regular",
[1] = "CMD",
[2] = "Reply",
[3] = "ACK",
})
nifi.fields.type_aid = ProtoField.uint16("nifi.type.aid", "Message type \"aid\" value")
nifi.fields.length = ProtoField.uint32("nifi.length", "Length", base.DEC)
nifi.fields.timestamp = ProtoField.uint64("nifi.timestamp", "Timestamp", base.DEC)
local nifi_senderid_field = Field.new("nifi.senderid")
local nifi_type_enum_field = Field.new("nifi.type.enum")
function nifi.dissector(buffer, pinfo, tree)
-- check magic ("NIFI")
if buffer(0, 4):uint() ~= 0x4e494649 then return end
local nifi_tree = tree:add(nifi, buffer(), "Ni-Fi data")
nifi_tree:add(nifi.fields.magic, buffer(0, 4))
nifi_tree:add_le(nifi.fields.senderid, buffer(4, 4))
local nifi_type_tree = nifi_tree:add_le(nifi.fields.type, buffer(8, 4))
nifi_type_tree:add_le(nifi.fields.type_enum, buffer(8, 2))
nifi_type_tree:add_le(nifi.fields.type_aid, buffer(10, 2))
nifi_tree:add_le(nifi.fields.length, buffer(12, 4))
nifi_tree:add_le(nifi.fields.timestamp, buffer(16, 8))
pinfo.cols.protocol = nifi.name
pinfo.cols.src = nifi_senderid_field().display
pinfo.cols.info = "type:" .. nifi_type_enum_field().display
end
|