mit-ll / dlep-wireshark-dissector Goto Github PK

Just for information:
I've started work to convert this dissector into a native Wireshark dissector.
Commit is currently under review at https://code.wireshark.org/review/#/c/36901/

Hi,

I tried to build the wireshark dissector plugin to read the DLEP packets. I could not find the dlep directory inside plugins folder while executing the command make -C plugins/dlep.

I could not able to generate the dlep.so library. Am I missing something ? Any help would be greatly appriciated.

Looks like we have an issue here. I've been trying to diagnose this all day. Perhaps I'm in a bit over my head, but section 11.2 of RFC 8175 does not say that the message must start with D L E P as Signals are supposed to, however it looks like somewhere along the lines this is being parsed incorrectly.

In my case, I send a session initialization message 0x0001 but it looks like the plugin might be expecting D L E P for the first 4 bytes. According to the RFC, the first two bytes should just be the message type (again, 0x0001), followed by the heartbeat interval (5000 in my case, 0x1388) and the peer type. I'm not 100% convinced on where the bug actually is, but from the attached screenshot, it looks like the plugin is just skipping over the first 4 bytes (reason why I think it's incorrectly expecting DLEP there) and may also explain why its showing as an unknown signal (when it should be a message).

Again, I could be completely mistaken but if you have any thoughts, please don't hesitate to share!

Thank you!

11.2.  DLEP Message Header

   The DLEP Message Header contains the following fields:

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     | Message Type                  | Length                        |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                       Figure 4: DLEP Message Header

   Message Type:  A 16-bit unsigned integer containing one of the DLEP
      Message Type values defined in this document.

   Length:  The length in octets, expressed as a 16-bit unsigned
      integer, of all of the DLEP Data Items contained in this Message.
      This length MUST NOT include the length of the Message Header
      itself.

   The DLEP Message Header is immediately followed by zero or more DLEP
   Data Items, encoded in TLVs, as defined in this document.