authorLoris Degioanni <loris@sysdig.com>2021-04-07 14:00:08 -0700
committerGerald Combs <gerald@wireshark.org>2022-03-22 17:51:32 +0000
commit625a042ff84dd58bf9039c95a525cf0674a39da7 (patch)
treea3bba8c74fe3b87310082f4443f789f01be20513 /plugins
parenta3877af99017c5159fe81dc6e92dc3e478b3e7c4 (diff)
initial skeleton for sysdig plugins experiments
Diffstat (limited to 'plugins')
-rw-r--r--plugins/epan/sysdig_bridge/AUTHORS2
-rw-r--r--plugins/epan/sysdig_bridge/CMakeLists.txt64
-rw-r--r--plugins/epan/sysdig_bridge/README2
-rw-r--r--plugins/epan/sysdig_bridge/packet-sysdig-bridge.c70
-rw-r--r--plugins/epan/sysdig_bridge/packet-sysdig-bridge.h12
5 files changed, 150 insertions, 0 deletions
diff --git a/plugins/epan/sysdig_bridge/AUTHORS b/plugins/epan/sysdig_bridge/AUTHORS
new file mode 100644
index 0000000000..2265263fa5
--- /dev/null
+++ b/plugins/epan/sysdig_bridge/AUTHORS
@@ -0,0 +1,2 @@
+Author :
+Loris Degioanni \ No newline at end of file
diff --git a/plugins/epan/sysdig_bridge/CMakeLists.txt b/plugins/epan/sysdig_bridge/CMakeLists.txt
new file mode 100644
index 0000000000..de5b114041
--- /dev/null
+++ b/plugins/epan/sysdig_bridge/CMakeLists.txt
@@ -0,0 +1,64 @@
+# CMakeLists.txt
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+# Copyright 1998 Gerald Combs
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+
+include(WiresharkPlugin)
+
+# Plugin name and version info (major minor micro extra)
+set_module_info(sysdig-plugins 0 0 4 0)
+
+set(DISSECTOR_SRC
+ packet-sysdig-bridge.c
+)
+
+set(PLUGIN_FILES
+ plugin.c
+ ${DISSECTOR_SRC}
+)
+
+set_source_files_properties(
+ ${PLUGIN_FILES}
+ PROPERTIES
+ COMPILE_FLAGS "${WERROR_COMMON_FLAGS}"
+)
+
+register_plugin_files(plugin.c
+ plugin
+ ${DISSECTOR_SRC}
+)
+
+add_plugin_library(sysdig-plugins epan)
+
+target_link_libraries(sysdig-plugins epan)
+
+install_plugin(sysdig-plugins epan)
+
+file(GLOB DISSECTOR_HEADERS RELATIVE "${CMAKE_CURRENT_SOURCE_DIR}" "*.h")
+CHECKAPI(
+ NAME
+ sysdig-plugins
+ SWITCHES
+ --group dissectors-prohibited
+ --group dissectors-restricted
+ SOURCES
+ ${DISSECTOR_SRC}
+ ${DISSECTOR_HEADERS}
+)
+
+#
+# Editor modelines - https://www.wireshark.org/tools/modelines.html
+#
+# Local variables:
+# c-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# vi: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
+#
diff --git a/plugins/epan/sysdig_bridge/README b/plugins/epan/sysdig_bridge/README
new file mode 100644
index 0000000000..ea6ed30292
--- /dev/null
+++ b/plugins/epan/sysdig_bridge/README
@@ -0,0 +1,2 @@
+This plugin is a bridge between sysdig plugins and Wireshark, so that sysdig
+plugins can be used as dissectors. \ No newline at end of file
diff --git a/plugins/epan/sysdig_bridge/packet-sysdig-bridge.c b/plugins/epan/sysdig_bridge/packet-sysdig-bridge.c
new file mode 100644
index 0000000000..a7e21b1d0c
--- /dev/null
+++ b/plugins/epan/sysdig_bridge/packet-sysdig-bridge.c
@@ -0,0 +1,70 @@
+/* packet-sysdig-bridge.c
+ *
+ * By Loris Degioanni
+ * Copyright (C) 2021 Sysdig, Inc.
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "config.h"
+
+#include <epan/packet.h>
+#include "packet-sysdig-bridge.h"
+
+#define FOO_PORT 1234
+#define FOO_PORT1 1235
+
+static int proto_foo = -1;
+static int proto_foo1 = -1;
+
+void
+proto_register_foo(void)
+{
+ proto_foo = proto_register_protocol (
+ "FOO Protocol", /* name */
+ "FOO", /* short name */
+ "foo" /* abbrev */
+ );
+
+ proto_foo1 = proto_register_protocol (
+ "FOO1 Protocol", /* name */
+ "FOO1", /* short name */
+ "foo1" /* abbrev */
+ );
+}
+
+static int
+dissect_foo(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, void *data _U_)
+{
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "FOO");
+ /* Clear out stuff in the info column */
+ col_clear(pinfo->cinfo,COL_INFO);
+
+ return tvb_captured_length(tvb);
+}
+
+static int
+dissect_foo1(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree _U_, void *data _U_)
+{
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "FOO1");
+ /* Clear out stuff in the info column */
+ col_clear(pinfo->cinfo,COL_INFO);
+
+ return tvb_captured_length(tvb);
+}
+
+void
+proto_reg_handoff_foo(void)
+{
+ static dissector_handle_t foo_handle;
+ foo_handle = create_dissector_handle(dissect_foo, proto_foo);
+ dissector_add_uint("udp.port", FOO_PORT, foo_handle);
+
+ static dissector_handle_t foo_handle1;
+ foo_handle1 = create_dissector_handle(dissect_foo1, proto_foo1);
+ dissector_add_uint("udp.port", FOO_PORT1, foo_handle1);
+}
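Review bot: `proto_reg_handoff_foo` binds both placeholder dissectors to UDP ports 1234 and 1235 with `dissector_add_uint`, and `dissect_foo`/`dissect_foo1` accept every packet without looking at the tvb contents, so unrelated traffic on those ports would be labelled FOO/FOO1 and likely kept away from whatever dissector would otherwise decode it, which can mislead an analyst reading a capture. Until the bridge can actually recognise sysdig data, registering the handles with `dissector_add_for_decode_as("udp.port", foo_handle);` (and the same for `foo_handle1`) would keep them opt-in. The `foo`/`FOO1` names and `FOO_PORT` constants look like template leftovers; since protocol abbreviations become global display-filter names, they should get sysdig-specific names before this leaves the experiment stage. Separately, the two non-static registration functions have no prototypes in this file or in the header; if the flags in `WERROR_COMMON_FLAGS` include a missing-prototypes warning, add `void proto_register_foo(void);` and `void proto_reg_handoff_foo(void);` near the top.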
diff --git a/plugins/epan/sysdig_bridge/packet-sysdig-bridge.h b/plugins/epan/sysdig_bridge/packet-sysdig-bridge.h
new file mode 100644
index 0000000000..fc1fccd0c8
--- /dev/null
+++ b/plugins/epan/sysdig_bridge/packet-sysdig-bridge.h
@@ -0,0 +1,12 @@
+/* packet-sysdig-bridge.h
+ *
+ * By Loris Degioanni
+ * Copyright (C) 2021 Sysdig, Inc.
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
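Review bot: The new header holds only the license comment and has no include guard, although packet-sysdig-bridge.c already includes it. Adding the guard now avoids double-inclusion problems once declarations for the bridge are placed here: `#ifndef PACKET_SYSDIG_BRIDGE_H`, `#define PACKET_SYSDIG_BRIDGE_H`, and a closing `#endif /* PACKET_SYSDIG_BRIDGE_H */`. A one-line comment stating what the header is meant to export would also help, since at present the file gives no hint of its purpose.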