LLUDP Dissector

From OpenSimulator

Revision as of 04:04, 4 December 2023 by Manni (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

LLUDP protocol dissector

This page describes the Wireshark LLUDP Protocol Dissector that can parse the message_template.msg file and use that information to decode all the message fields from the Linden Lab UDP protocol. Up to date code is available on GitHub

Installing

on Linux

  • Check if correct - Copy all five source files into ~/.wireshark
  • Check if correct - If you need to run Wireshark as the root user or using sudo then you will need to edit the scripts into one file by replacing the dofile("script.lua") calls with the contents of file between the quotes.
  • Check if correct - The other method is to add your user account to the correct group (on Gentoo it is group "wireshark") that will allow your non-root user to capture packets.

on Windows

  • Copy the lludp folder containing the five .lua source files into the Wireshark AppData directory

Windows versions up to Windows 11

   C:\Users\<username>\AppData\Roaming\Wireshark\Plugins 

XP/2000

   C:\users\<username>\AppData\Wireshark
  • init.lua is not required as LUA support is enabled by default in recent versions of Wireshark.

LLUDP preferences

There are three preferences that can be changed from Wireshark's Preferences - Protocols - LLUDP dialog:

  • Message template file: Full path to the message_template.msg file used to decode message name & details from the packets. On Windows use double backslash '\\' instead of single blackslash '\' to separate directories (Example "C:\\Program Files\\FirestormOS-Releasex64\\app_settings\\message_template.msg").
  • UDP port range start: First UDP port to mark as LLUDP packets. (default 13000)
  • UDP port range end: Last UDP port to mark as LLUDP packets. (default 13050)

If your OpenSimulator regions are using only ports 9000-9050 then change the UDP port range.

Code license

The Wireshark LLUDP Dissector maybe used under the terms of the "Simplified BSD License" or the GPL.

Personal tools
General
About This Wiki