Rewrite dissector: modular sources, dual-protocol, version-tested#6
Open
bigbes wants to merge 1 commit into
Open
Rewrite dissector: modular sources, dual-protocol, version-tested#6bigbes wants to merge 1 commit into
bigbes wants to merge 1 commit into
Conversation
bigbes
force-pushed
the
bigbes/dissector-rewrite
branch
from
4ad1e40 to
3f2b574
Compare
Single "Tarantool" dissector that auto-detects, per PDU, the modern MsgPack
IPROTO (1.6-3.x) vs the legacy <=1.5 binary protocol, so a mixed capture
decodes in one load.
Structure:
- src/ split into core, msgpack_ext, modern, legacy and per-build entries;
amalgamate.sh (POSIX sh) inlines modules into three self-contained dist/
builds (all / modern-only / legacy-only), bundling MessagePack only where
needed. Each build carries a private module registry instead of the global
package.preload, so generic module names ("core", ...) don't collide with
other Lua plugins and two builds can load in one session.
- each build registers under its own protocol name -- tarantool (all),
tarantool2 (modern), tarantool1 (legacy) -- created by core.init(slug, desc,
default_port), so the split builds coexist. The per-build distinct names are
borrowed from Dmitry Pankov's "Wireshark 4.0+ support for tarantool 1.5 proto"
branch (PR #5), which split into tarantool15 /
tarantool2.
Decoding:
- modern: SQL, streams, id, watchers, structured MP_ERROR stack, replication
(join/subscribe/raft/vclock), and MsgPack ext types (decimal, uuid, datetime,
interval) decoded to real values; unsigned 64-bit rendered unsigned;
pcall-guarded against malformed PDUs; 0xce framing guard so non-IPROTO bytes
don't corrupt reassembly.
- legacy: full 1.5 request/response set; direction detection from the configured
server ports, falling back to the lower-port heuristic; typeless fields
rendered as string / LE integer / blob, consistently across Wireshark versions.
Preferences:
- "Dissector enabled" (default on; borrowed from PR #5 -- toggles the dissector
from the GUI and re-registers on change) and "TCP ports" -- a range, e.g.
3301,3311-3313 (default 3301; legacy build 33013). prefs_changed re-registers
the port table and disabling unregisters the dissector. Distinct per-build
defaults keep co-loaded split builds off the same tcp.port slot, since
Wireshark binds one dissector per port.
Tests:
- tests/pcap/ holds real captures from Tarantool 1.5, 1.10, 2.11, 3.x, a merged
1.5+3.x, and 3-node master-master replication (async and sync); tests/run.sh
asserts concrete decoded values (bodies, responses, error text, ext tuples,
replication metadata), the enabled/disabled preference, the ports-range
preference (binding a whole 3311-3313 mesh without Decode As), and that the
legacy and modern builds co-load without colliding -- including that disabling
one leaves the other working. CI runs it on Wireshark 3.x and 4.x, and checks
dist/ is regenerated from src/. The capture generator test.lua guards with
"if _TARANTOOL == nil then return end" (borrowed from PR #5), so it is a no-op
when loaded outside a Tarantool runtime.
Removes the old single-format tarantool.dissector.lua and
tarantool15.dissector.lua.
bigbes
force-pushed
the
bigbes/dissector-rewrite
branch
from
3f2b574 to
a24a6a3
Compare
Author
|
Incrorporated other notable changes from #5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Single "Tarantool" dissector that auto-detects, per PDU, the modern MsgPack IPROTO (1.6-3.x) vs the legacy <=1.5 binary protocol, so a mixed capture decodes in one load.
Structure
dist/stores the amalgamated resultsrc/split into core, msgpack_ext, modern, legacy and per-build entriesamalgamate.shinlines modules into three self-containeddist/builds (all / modern-only / legacy-only), bundling MessagePack only where needed. Each build carries a private module registry instead of the globalpackage.preload, so generic module names (core, …) don't collide with other Lua plugins and two builds can load in one Wireshark session.tarantool(all),tarantool2(modern),tarantool1(legacy) — so the split builds coexist.Decoding
Preferences
3301,3311-3313. Defaults to 3301 (33013 for the legacy build), so co-loaded split builds stay off the sametcp.portslot (Wireshark binds one dissector per port). A single build can bind a whole cluster / replication mesh.Tests
tests/pcap/holds real captures from Tarantool 1.5, 1.10, 2.11, 3.x, a merged 1.5+3.x, and 3-node master-master replication (async and sync).tests/run.shasserts concrete decoded values (bodies, responses, error text, ext tuples, replication metadata), the enabled/disabled preference, the ports-range preference (binding a 3311-3313 mesh without Decode As), and that the legacy + modern builds co-load without colliding — including that disabling one leaves the other working.dist/is regenerated fromsrc/.Borrowed from #5
Cherry-picked ideas from @dima424658's "Wireshark 4.0+ support for tarantool 1.5 proto" (#5):
tarantool15/tarantool2; adopted here astarantool1/tarantool2/tarantool);test.luaif _TARANTOOL == nil then return endguard, so the capture generator is a no-op outside a Tarantool runtime.Removes the old single-format
tarantool.dissector.luaandtarantool15.dissector.lua.Be not afraid of +6000 lines — it's mostly
dist/(amalgamated dissectors).