paradoxip is a Wireshark dissector for the IP protocol used by Paradox IP150, PCS250 and similar IP interfaces. This repository is a working space to build and test features before submitting an initial version to the Wireshark project.
Here is a screenshot of the development in progress:
- Decodes encrypted message payloads [based on the PAI decryption code at https://github.com/ParadoxAlarmInterface/pai/blob/master/paradox/lib/crypto.py].
- Properly interprets IP messages versus Serial passthrough messages
- Displays the name of most serial messages and decodes the parameters for a few of them.
- Wireshark preferences to save default module password or module passwords per IP address.
I am basing the protocol decoding on the structures defined in the PAI project's parsers.py files. While they are a great starting point there are some inconsistencies and some fields not fully documented. Here is what needs to be done:
- Create a proper protocol document for EVO and SP/Magellan serial messages - try various iterations of actions and map out the fields and values. The PAI structures can serve as starting point.
- Capture EVO and SP/Magellan communication traces for analysis along with details of the operations performed and system info/configuration
- Verify that paradoxip correctly decodes above traces
Building paradoxip follows the standard Wireshark building process as described at https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html. Perform the following two steps before running CMake to generate the build files (step 2.2.12 in the URL above):
-
Copy the paradoxip directory from the repository to the
plugins/epan
directory of the Wireshark sources. -
Add the line
plugins/epan/paradoxip
underneath theset(PLUGIN_SRC_DIRS
line inCMakeLists.txt
within the source code root directory. The resulting section of the file should look like this:set(PLUGIN_SRC_DIRS plugins/epan/paradoxip plugins/epan/ethercat plugins/epan/gryphon plugins/epan/irda plugins/epan/mate plugins/epan/opcua
Credit to João Paulo Barraca and Jevgeni Kiski for the PAI - Paradox Alarm Interface project which did a lot of the ground work.