doc
mdavidsaver committed Apr 8, 2023
1 parent d4fdc40 commit c9d4f0e
Showing 1 changed file with 22 additions and 13 deletions.
35 changes: 22 additions & 13 deletions README.md
@@ -1,5 +1,5 @@
Wireshark dissector plugin for EPICS protocols
==============================================
Wireshark dissector plugin for EPICS CA and PVA protocols
=========================================================

Tested with wireshark 1.2.11, 1.8.2, 1.10.8, 2.2.6, 2.6.0, and 3.4.10.
Works on RHEL 7.4 (wireshark 1.10.14).
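
Review bot: The version lines kept as context under the new title ("Tested with wireshark 1.2.11, ... and 3.4.10", "Works on RHEL 7.4") do not say which plugin they apply to now that the README covers both CA and PVA. The README itself notes further down that the PVA dissector triggers bug 10233 with wireshark 1.12.1, so please state the tested versions for ca.lua and pva.lua separately.
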
Expand All @@ -11,10 +11,18 @@ Only the file ca.lua is needed. Then start wireshark with

wireshark -X lua_script:/path/to/ca.lua

and/or

wireshark -X lua_script:/path/to/pva.lua

More than one `-X` argument may be passed to load both plugins.

Status
------

This plugin does general decoding of CA UDP and TCP traffic on the standard
The `pva.lua` plugin decodes PVA traffic on standard (TCP/5075 and UDP/5076) and non-standard ports.

The `ca.lua` plugin does general decoding of CA UDP and TCP traffic on the standard
ports (5064 and 5065). It does TCP segment reassembly for large messages.

The CA protocol provides no easy way to distinguish client and server
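
Review bot: The sentence just above the added lines, "Only the file ca.lua is needed", is left unchanged and now contradicts the new pva.lua instructions; reword it to cover pva.lua as well. In Status, "non-standard ports" would also benefit from a short statement of how pva.lua recognises PVA traffic away from TCP/5075 and UDP/5076, so readers know when to expect misses or false matches.
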
Expand All @@ -29,9 +37,9 @@ Bug reports are welcome (and patches more so).

Send to "Michael Davidsaver" <[email protected]>
or open a [github] issue.
Please mention both the wireshark and lua versions.
Please include repository revision, as well as wireshark and lua versions.

If possible, please include a packet capture file which will trigger the error.
If possible, please include a (filtered) packet capture file which will trigger the error.

Note that the PVA dissector triggers [bug 10233][bug10233] with wireshark 1.12.1,
which is known to be fixed with 2.0.
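
Review bot: "(filtered)" in the capture request does not say what to filter for or why. Since the capture ends up in an e-mail or a github issue, suggest spelling it out, for example asking for a capture limited to the CA/PVA ports named in Status (5064, 5065, 5075, 5076) so that unrelated traffic from the reporter's network is not disclosed.
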
Expand All @@ -42,25 +50,26 @@ which is known to be fixed with 2.0.
Setup
-----

To automatically load the CA dissector *instead* of using the -X argument.
To automatically load the CA and/or PVA dissectors *instead* of using the -X argument.

On RHEL systems, the wireshark config directory is at /usr/share/wireshark/.
If the file /usr/share/wireshark/init.lua doesn't exist,
install the package wireshark-devel.
On RHEL systems, the wireshark config directory is at `/usr/share/wireshark/`.
If the file `/usr/share/wireshark/init.lua` doesn't exist,
install the package `wireshark-devel`.

Edit /etc/wireshark/init.lua and remove or comment out the line about
Edit `/etc/wireshark/init.lua` and remove or comment out the line about
disabling LUA support ("`disable_lua = true`"). You may also need
to change the line "`run_user_scripts_when_superuser = false`"
depending on how you run wireshark.

Next copy the file ca.lua from this repository to /etc/wireshark/.

Then add a line to the end of init.lua.
Then add either or both lines to the end of init.lua.

dofile("ca.lua")
dofile("pva.lua")

If all goes well the string "Loaded CA" will be printed to the console
when wireshark starts.
If all goes well the string "Loaded CA" and/or "Loaded PVA"
will be printed to the console when wireshark starts.

To install this for a single user create `$HOME/.wireshark/init.lua` with
a single line "`dofile("ca.lua")`" and place ca.lua in this directory.
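
Review bot: The copy step ("Next copy the file ca.lua from this repository to /etc/wireshark/.") and the single-user paragraph still name only ca.lua, so a reader who adds `dofile("pva.lua")` as instructed may find the file is not where init.lua looks for it; mention pva.lua in both places. Separately, the unchanged advice to change `run_user_scripts_when_superuser = false` means Lua scripts are executed with root privileges; while this section is being edited, consider recommending that wireshark be run as an unprivileged user instead.
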