Wireshark Plugin for RSocket
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
CMakeLists.txt
Makefile.am
README.md
moduleinfo.h
packet-rsocket.c
plugin.c
plugin.rc.in

README.md

wireshark-plugin

Wireshark/tshark Plugin in C for RSocket.

NOTE: This is a work in progress.

Currently it supports all RSocket frames, except resumption.

Build

  • Download Wireshark source-code.
  • Create rsocket directory inside wireshark/plugins folder.
  • Download/Clone source code from this repo into the rsocket folder.
  • Inside wireshark folder, create CMakeListsCustom.txt and add the line.
set(CUSTOM_PLUGIN_SRC_DIR plugins/rsocket)
  • Follow the build instructions of Wireshark for your OS setup
  • Copy the built rsocket.so to the Plugins folder of wireshark. This depends on OS - on macOS it is typically ~/.config/wireshark/plugins or ~/.wireshark/plugins.

Notes

  • This code has been tested with latest stable release of Wireshark (2.2.5).
  • To enable RSocket dissector in Wireshark, go to Analyze -> Decode As in Wireshark UI and add identifiers for your packet flow (say TCP port). Select RSocket as the decoding protocol.