Wireshark-dev: Re: [Wireshark-dev] OPCUA Update

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: philippe alarcon <philippe.alarcon@xxxxxxx>
Date: Fri, 3 Apr 2009 17:00:04 +0200
Hi Gerhard,

Have a look at mikey protocol dissector in packet-mikey.c file.
The TCP port can be set using menu Edit/Preferences/MIKEY.
I think you can do the same thing for OPCUA protocol.

The code related to this is the following :

#define PORT_MIKEY 2269
static guint global_mikey_tcp_port = PORT_MIKEY;

void
proto_register_mikey(void)
{

...

    /* Register our configuration options */
    mikey_module = prefs_register_protocol(proto_mikey, proto_reg_handoff_mikey);

...

    prefs_register_uint_preference(mikey_module, "tcp.port", "MIKEY TCP Port",
        "Set the port for MIKEY messages (if other than the default of 2269)",
        10, &global_mikey_tcp_port);
}

void
proto_reg_handoff_mikey(void)
{
    static gboolean inited = FALSE;
...
    static guint mikey_tcp_port;

    if (!inited)
   {
        mikey_handle = new_create_dissector_handle(dissect_mikey, proto_mikey);
        dissector_add_string("key_mgmt", "mikey", mikey_handle);
        inited = TRUE;
    }
    else
   {

...
        dissector_delete("tcp.port", mikey_tcp_port, mikey_handle);
    }

...

    dissector_add("tcp.port", global_mikey_tcp_port, mikey_handle);

    mikey_tcp_port = global_mikey_tcp_port;
}

I hope this will help you.

Regards
Philippe

From: gerhard.gappmeier@xxxxxxxxxxx
To: wireshark-dev@xxxxxxxxxxxxx
Date: Wed, 1 Apr 2009 18:32:45 +0200
Subject: [Wireshark-dev] OPCUA Update

Hi all,


the most OPC UA Specifications are released meanwhile.
Also Part 6 which describes the protocol.
So it was overdue to update the wireshark opcua plugin.


Really a lot changed since the last update: transport, security and application layer, so this is a big update.


I attached the patch that will update the code.
It's only tested on Linux, but buildbot while verify the other platforms anyway.


I also attached a sample capture file for fuzzy testing.


What is really missing is a configuration option in Edit->preferences
where you can configure the port. Default is port 4840,
which is also the registered port for OPCUA.
But a lot of servers will run on other ports, so a configuration option would be nice.


Maybe somebody can help at this point, because I have no clue about the
wireshark GUI stuff.


--
mit freundlichen Grüßen / best regards


Gerhard Gappmeier
ascolab GmbH - automation systems communication laboratory
Tel.: +49 9131 691 123
Fax: +49 9131 691 128
Web: http://www.ascolab.com
GPG-Key: http://www.ascolab.com/gpg/gg.asc




Discutez sur Messenger où que vous soyez ! Mettez Messenger sur votre mobile !