Reputation: 123
Protocol Buffer Wireshark Plugin
I am looking for a wireshark plugin for google protocol buffer. And I found this GPB Wireshark plugin http://code.google.com/p/protobuf-wireshark/
Apparently only UDP….Is there a GPB plugin for wireshark that works for TCP?
Upvotes: 2
Views: 3134
Answers (2)
Reputation: 101
You could use Protobuf dissector shipped with Wireshark instead. Since Wireshark 3.2.0, the *.proto files can now be configured to enable more precise parsing of serialized Protobuf data (such as gRPC).
Parsing Protobuf data based on UDP port is supported since that version. And you can also write a simple dissector to invoke Protobuf dissector for TCP by passing message type through 'data' parameter in C or pinfo.private["pb_msg_type"] in lua.
You may get detail from the release note (https://www.wireshark.org/docs/relnotes/wireshark-3.2.0.html). The detail of invoking Protobuf dissector in your own dissector is on https://www.wireshark.org/docs/wsug_html_chunked/ChProtobufUDPMessageTypes.html.
Upvotes: 2
Related Questions
- Automating exporting packet dissections using tshark
- How can I add a custom protocol analyzer to wireshark?
- lua wireshark plugin dissector buffer length
- How to extract raw data from TCP packets using Wireshark
- Writing plugin dissector for Wireshark
- List for Wireshark (tshark) Payload Protocols
- Wireshark STOMP protocol dissector
- Adding plugin for a custom protocol into Wireshark
- [wireshark]how to use a plug-in to dissect a packet
- Wireshark Plugin: Dissecting Payloads With Multiple Packets Per UDP Frame