Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-dev: Re: [Wireshark-dev] OPCUA Update

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: philippe alarcon <philippe.alarcon@xxxxxxx>
Date: Fri, 3 Apr 2009 17:00:04 +0200

Hi Gerhard,

Have a look at mikey protocol dissector in packet-mikey.c file.
The TCP port can be set using menu Edit/Preferences/MIKEY.
I think you can do the same thing for OPCUA protocol.

The code related to this is the following :

#define PORT_MIKEY 2269
static guint global_mikey_tcp_port = PORT_MIKEY;

void
proto_register_mikey(void)
{

...

    /* Register our configuration options */
    mikey_module = prefs_register_protocol(proto_mikey, proto_reg_handoff_mikey);

...

    prefs_register_uint_preference(mikey_module, "tcp.port", "MIKEY TCP Port",
        "Set the port for MIKEY messages (if other than the default of 2269)",
        10, &global_mikey_tcp_port);
}

void
proto_reg_handoff_mikey(void)
{
    static gboolean inited = FALSE;
...
    static guint mikey_tcp_port;

    if (!inited)
   {
        mikey_handle = new_create_dissector_handle(dissect_mikey, proto_mikey);
        dissector_add_string("key_mgmt", "mikey", mikey_handle);
        inited = TRUE;
    }
    else
   {

...
        dissector_delete("tcp.port", mikey_tcp_port, mikey_handle);
    }

...

    dissector_add("tcp.port", global_mikey_tcp_port, mikey_handle);

    mikey_tcp_port = global_mikey_tcp_port;
}

I hope this will help you.

Regards
Philippe

From: gerhard.gappmeier@xxxxxxxxxxx
To: wireshark-dev@xxxxxxxxxxxxx
Date: Wed, 1 Apr 2009 18:32:45 +0200
Subject: [Wireshark-dev] OPCUA Update

Hi all,


the most OPC UA Specifications are released meanwhile.
Also Part 6 which describes the protocol.
So it was overdue to update the wireshark opcua plugin.


Really a lot changed since the last update: transport, security and application layer, so this is a big update.


I attached the patch that will update the code.
It's only tested on Linux, but buildbot while verify the other platforms anyway.


I also attached a sample capture file for fuzzy testing.


What is really missing is a configuration option in Edit->preferences
where you can configure the port. Default is port 4840,
which is also the registered port for OPCUA.
But a lot of servers will run on other ports, so a configuration option would be nice.


Maybe somebody can help at this point, because I have no clue about the
wireshark GUI stuff.


--
mit freundlichen Grüßen / best regards


Gerhard Gappmeier
ascolab GmbH - automation systems communication laboratory
Tel.: +49 9131 691 123
Fax: +49 9131 691 128
Web: http://www.ascolab.com
GPG-Key: http://www.ascolab.com/gpg/gg.asc




Discutez sur Messenger où que vous soyez ! Mettez Messenger sur votre mobile !
  • References:
    • [Wireshark-dev] OPCUA Update
      • From: Gerhard Gappmeier
  • Prev by Date: [Wireshark-dev] is-637 dissector
  • Next by Date: [Wireshark-dev] buildbot failure in Wireshark (development) on Ubuntu-7.10-x86-64
  • Previous by thread: Re: [Wireshark-dev] OPCUA Update
  • Next by thread: [Wireshark-dev] buildbot failure in Wireshark (development) on Ubuntu-7.10-x86-64
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation