search

CrabeDeFrance / rtshark

Rust interface to tshark application
Other
32 stars 9 forks source link

"decode_as" option #4

Closed horaih closed 1 year ago

horaih commented 1 year ago

Hi there.

I would like to use rtshark with decode_as: -d option on my project. Could you check the patch and please consider merging it into the repository? decode_as.patch

CrabeDeFrance commented 1 year ago

Thanks for your patch. I will add it this weekend. Do you have a simple example I could use to add a unit test for this option ?

horaih commented 1 year ago

Yes, I do. I am testing my patch with the following code.

    let builder = rtshark::RTSharkBuilder::builder()
        .input_path("../free5gc.pcap")
        .decode_as("tcp.port==29502,http2")
        .decode_as("tcp.port==29503,http2")
        .decode_as("tcp.port==29504,http2")
        .decode_as("tcp.port==29507,http2")
        .decode_as("tcp.port==29509,http2")
        .decode_as("tcp.port==29518,http2");

and the input file is located here. Then we can see http2 packets on tcp port 29502, 29503, .. and 29518.

Layer: http2
        Stream: Magic
        Magic: PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n
        Stream: SETTINGS, Stream ID: 0, Length 18
        Length: 18
        Type: SETTINGS (4)
        Flags: 0x00
        .... ...0 = ACK: False
        0000 000. = Unused: 0x00
        0... .... .... .... .... .... .... .... = Reserved: 0x0
        .000 0000 0000 0000 0000 0000 0000 0000 = Stream Identifier: 0
        Settings - Enable PUSH : 0
        Settings Identifier: Enable PUSH (2)
        Enable PUSH: 0
        Settings - Initial Windows size : 4194304
        Settings Identifier: Initial Windows size (4)
        Initial Windows Size: 4194304
        Settings - Max header list size : 10485760
        Settings Identifier: Max header list size (6)
        Max header list size: 10485760
        Stream: WINDOW_UPDATE, Stream ID: 0, Length 4
        Length: 4
        Type: WINDOW_UPDATE (8)
        Flags: 0x00
        0000 0000 = Unused: 0x00
        0... .... .... .... .... .... .... .... = Reserved: 0x0
        .000 0000 0000 0000 0000 0000 0000 0000 = Stream Identifier: 0
        0... .... .... .... .... .... .... .... = Reserved: 0x0
        .100 0000 0000 0000 0000 0000 0000 0000 = Window Size Increment: 1073741824
CrabeDeFrance commented 1 year ago

Thanks for the patch, it is included in 2.4.0. Could you confirm this is OK for you ?

horaih commented 1 year ago

Thank you. It works very well. horaih/cap2seq@905e60a677d5031d13e6ab81ac1468773697cb44

Let me close this issue.