IRATI Wireshark dissector
This Git repository contains a dissector for Wireshark which can dissect packets exchanged by the IRATI stack, an implementation of RINA. The dissector can parse EFCP and CDAP PDUs. Currently only the outermost DIF is parsed.
Installing the dissector
To use this dissector with Wireshark, install the efcp.lua file in the Wireshark plugin directory (or create a symlink).
The location of the Wireshark plugin directory for your operating system can be found in the documentation of Wireshark.
Dissecting CDAP PDUs (optional)
To optionally dissect the CDAP messages, follow the next steps:
- Get rina-tools/src/rlite/CDAP.proto from the IRATI stack Git repository and put CDAP.proto in a directory of your choice (for instance alongside efcp.lua in the Wireshark plugin directory).
- Configure the search path for the Protobuf Wireshark plugin to include the directory where you put CDAP.proto. Wireshark's documentation on this topic can be found here.
Note: for now, it is necessary to edit CDAP.proto as Wireshark chokes on [default = 0] in the file so remove that part.
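One way to make the edit from the note above without touching the original file, as an added example that is not part of this repository. The function names and the sample message are constructed for illustration and are not taken from the real CDAP.proto.

```shell
#!/bin/sh
# Added example: produce a copy of a .proto file with "[default = 0]" removed.

# strip_default_zero SRC DST
# Writes SRC to DST with every "[default = 0]" field option removed
# (whitespace inside the brackets may vary). SRC is left unchanged.
strip_default_zero() {
    src=$1; dst=$2
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    sed -E 's/[[:space:]]*\[[[:space:]]*default[[:space:]]*=[[:space:]]*0[[:space:]]*\]//g' \
        "$src" > "$dst"
}

# count_default_options FILE
# Prints the number of lines that still carry any "default =" option,
# so the result can be checked before pointing Wireshark at it.
count_default_options() {
    # grep -c exits non-zero when the count is 0; that is not an error here.
    grep -Ec 'default[[:space:]]*=' "$1" || true
}

# write_constructed_sample FILE
# Constructed sample input (hypothetical message, not the real CDAP.proto).
write_constructed_sample() {
    cat > "$1" <<'EOF'
message sampleMsg {
    optional int32 exampleInt = 1 [default = 0];
    optional string exampleName = 2;
    optional int32 otherInt = 3 [ default=0 ];
}
EOF
}

# Demo on the constructed sample in a temporary directory.
tmp=$(mktemp -d)
write_constructed_sample "$tmp/CDAP.proto.orig"
strip_default_zero "$tmp/CDAP.proto.orig" "$tmp/CDAP.proto"
echo "default options before: $(count_default_options "$tmp/CDAP.proto.orig")"
echo "default options after:  $(count_default_options "$tmp/CDAP.proto")"
rm -rf "$tmp"
```

For the real file, call strip_default_zero with the path of the downloaded CDAP.proto as SRC and the file in your Protobuf search path as DST.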
Configuring the dissector
As the length of the various fields can differ per DIF, the dissector has several preferences for setting these lengths, which can be configured in Wireshark (Edit -> Preferences -> Protocols -> EFCP).
- Caspar Schutijser, SIDN Labs
- Joeri de Ruiter, SIDN Labs
This project is distributed under the MIT license, see LICENSE.