~tomleb/protoc-gen-wireshark-frpc

Protobuf plugin to generate Wireshark dissectors for fRPC packets
Add support for Enums
Update pcap file
Update README

refs

master
browse  log 

clone

read-only
https://git.sr.ht/~tomleb/protoc-gen-wireshark-frpc
read/write
git@git.sr.ht:~tomleb/protoc-gen-wireshark-frpc

You can also use your local clone with git send-email.

#protoc-gen-wireshark-frpc

This protobuf plugin generates Wireshark Dissectors to analyze fRPC packets based on a .proto file. fRPC currently uses its own encoding (see polyglot-go), so a custom plugin is necessary to dissect the packets.

Wireshark Screenshot

#Features

  • Filter on fields such as the service name, method name, etc. For a comprehensive list, see Fields filtering.
  • Dissects unknown fRPC content into fields. You'll get the values with proper kind, but all fields will be in a flat object.

#Fields filtering

TODO

#How to

Make sure that protoc-gen-wireshark-frpc is in a directory in your PATH.

You can then run the following command to generate the Wireshark plugin:

protoc --wireshark-frpc_out=. <package>.proto

This will generate a file <package>/<package>.frpc.lua that you can move to ~/.local/lib/wireshark/plugins.

You can then open Wireshark and it will be able to dissects fRPC packets (currently only for port 8080).

#TODO

There's a few things that I want to support:

  • [ ] Add a Decode as fRPC button
  • [ ] Better detection of fRPC packets (currently, port 8080 is hardcoded)
  • [ ] Better handling of unknown fields in known messages
  • [ ] Support Enums, OneOf, maps and streaming in proto files

#License

See LICENSE.