Skip to content

Wireshark 4.0+ support for tarantool 1.5 proto#5

Open
dima424658 wants to merge 2 commits into
tarantool:masterfrom
dima424658:master
Open

Wireshark 4.0+ support for tarantool 1.5 proto#5
dima424658 wants to merge 2 commits into
tarantool:masterfrom
dima424658:master

Conversation

@dima424658

@dima424658 dima424658 commented Jul 1, 2024

Copy link
Copy Markdown

No description provided.

bigbes added a commit that referenced this pull request Jun 18, 2026
@bigbes
Rewrite dissector: modular sources, dual-protocol, version-tested
a24a6a3 
Single "Tarantool" dissector that auto-detects, per PDU, the modern MsgPack
IPROTO (1.6-3.x) vs the legacy <=1.5 binary protocol, so a mixed capture
decodes in one load.

Structure:
- src/ split into core, msgpack_ext, modern, legacy and per-build entries;
  amalgamate.sh (POSIX sh) inlines modules into three self-contained dist/
  builds (all / modern-only / legacy-only), bundling MessagePack only where
  needed. Each build carries a private module registry instead of the global
  package.preload, so generic module names ("core", ...) don't collide with
  other Lua plugins and two builds can load in one session.
- each build registers under its own protocol name -- tarantool (all),
  tarantool2 (modern), tarantool1 (legacy) -- created by core.init(slug, desc,
  default_port), so the split builds coexist. The per-build distinct names are
  borrowed from Dmitry Pankov's "Wireshark 4.0+ support for tarantool 1.5 proto"
  branch (PR #5), which split into tarantool15 /
  tarantool2.

Decoding:
- modern: SQL, streams, id, watchers, structured MP_ERROR stack, replication
  (join/subscribe/raft/vclock), and MsgPack ext types (decimal, uuid, datetime,
  interval) decoded to real values; unsigned 64-bit rendered unsigned;
  pcall-guarded against malformed PDUs; 0xce framing guard so non-IPROTO bytes
  don't corrupt reassembly.
- legacy: full 1.5 request/response set; direction detection from the configured
  server ports, falling back to the lower-port heuristic; typeless fields
  rendered as string / LE integer / blob, consistently across Wireshark versions.

Preferences:
- "Dissector enabled" (default on; borrowed from PR #5 -- toggles the dissector
  from the GUI and re-registers on change) and "TCP ports" -- a range, e.g.
  3301,3311-3313 (default 3301; legacy build 33013). prefs_changed re-registers
  the port table and disabling unregisters the dissector. Distinct per-build
  defaults keep co-loaded split builds off the same tcp.port slot, since
  Wireshark binds one dissector per port.

Tests:
- tests/pcap/ holds real captures from Tarantool 1.5, 1.10, 2.11, 3.x, a merged
  1.5+3.x, and 3-node master-master replication (async and sync); tests/run.sh
  asserts concrete decoded values (bodies, responses, error text, ext tuples,
  replication metadata), the enabled/disabled preference, the ports-range
  preference (binding a whole 3311-3313 mesh without Decode As), and that the
  legacy and modern builds co-load without colliding -- including that disabling
  one leaves the other working. CI runs it on Wireshark 3.x and 4.x, and checks
  dist/ is regenerated from src/. The capture generator test.lua guards with
  "if _TARANTOOL == nil then return end" (borrowed from PR #5), so it is a no-op
  when loaded outside a Tarantool runtime.

Removes the old single-format tarantool.dissector.lua and
tarantool15.dissector.lua.
@bigbes bigbes mentioned this pull request Jun 18, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dima424658