LLUDP Dissector

 

Home

 

Download

 

News

 

Support

 

Admin

 

Dev

 

Screen Shots

 

Grid List

 

Bugs

Languages:

English    Deutsch

LLUDP protocol dissector

This page describes the Wireshark LLUDP Protocol Dissector that can parse the message_template.msg file and use that information to decode all the message fields from the Linden Lab UDP protocol. Up to date code is available on GitHub

Installing

• Requires Wireshark with Lua support. This is enabled by default in recent versions of Wireshark. See this page for Wireshark support for Lua

on Linux

• Check if correct - Copy all five source files into ~/.wireshark
• Check if correct - If you need to run Wireshark as the root user or using sudo then you will need to edit the scripts into one file by replacing the dofile("script.lua") calls with the contents of file between the quotes.
• Check if correct - The other method is to add your user account to the correct group (on Gentoo it is group "wireshark") that will allow your non-root user to capture packets.

on Windows

• Copy the lludp folder containing the five .lua source files into the Wireshark AppData directory

Windows versions up to Windows 11

   C:\Users\<username>\AppData\Roaming\Wireshark\Plugins 

XP/2000

   C:\users\<username>\AppData\Wireshark

• init.lua is not required as LUA support is enabled by default in recent versions of Wireshark.

LLUDP preferences

There are three preferences that can be changed from Wireshark's Preferences - Protocols - LLUDP dialog:

• Message template file: Full path to the message_template.msg file used to decode message name & details from the packets. On Windows use double backslash '\\' instead of single blackslash '\' to separate directories (Example "C:\\Program Files\\FirestormOS-Releasex64\\app_settings\\message_template.msg").
• UDP port range start: First UDP port to mark as LLUDP packets. (default 13000)
• UDP port range end: Last UDP port to mark as LLUDP packets. (default 13050)

If your OpenSimulator regions are using only ports 9000-9050 then change the UDP port range.

Code license

The Wireshark LLUDP Dissector maybe used under the terms of the "Simplified BSD License" or the GPL.