/SMPTE-ST-2022-Wireshark-Dissector

A Lua dissector for Wireshark detailing SMPTE 2022-1, -2, -5 and -6 header fields

Primary LanguageLuaGNU General Public License v2.0GPL-2.0

SMPTE ST 2022 Lua Dissector for Wireshark

Getting Started

To use this dissector first you must ensure Lua is supported in the version of Wireshark being used. Lua has shipped with the Windows version of Wireshark since 0.99.4 but availability on other platforms vary.

To see if Lua is supported in your version go to Help>About Wireshark. Lua should be mentioned in the "Complied by..." paragraph.

About Wireshark

Once Lua support has been confimred the the SMPTE-2022.lua file must be placed in the Plugins folder. Wireshark looks for plugins in both a Personal Lua Plugins folder and a Global Lua Plugins folder.

On Windows Systems the folder locations are:

  • Personal Lua Plugins : %APPDATA%\Wireshark\plugins
  • Global Lua Plugin : %PROGRAMFILES%\Wireshark\plugins

On Linux systems the folder locations are:

  • Personal Lua Plugins : ~/.local/lib/wireshark/plugins
  • Global Lua Plugin : varies depending on the distro of Linux. Check

The location of the folders can be found by going to Help>About Wireshark and selecting the Folders tab.

Wireshark loads plugins at startup. Lua Plugins can be reloaded by going to Analyze>Reload Lua Plugins or by hitting Ctrl+Shift+L

More information about using LUA with Wireshark can be seen here:
https://wiki.wireshark.org/Lua

Using the SMPTE ST 2022 Dissector

Once the SMPTE-2022.lua file has been placed in the plugins folder start Wireshark or reload Lua Plugins by hitting Ctrl+Shift+L. Either make a capture of a ST 2022 data stream or load a .pcap file.

The first thing that needs to be done is set tell Wireshark to decode the UDP port of your stream as RTP.

This is achieved by going to Analyze>Decode As or by selecting a packet and right clicking and slecting Decode As

Select Decode As

In the Decode As dialogue select RTP from the drop down list in the Current column.

Decode As Dialogue

Once Wireshark has processed the change then the protocols should be seen in the Protocol column

Decoded ST2022-1

In the above image the ST2022-1 protocol is displayed in the Packet List Pane and the ST2022-1 Header and ST2022-1 Payload are shown as subtrees in the Packet Details Pane

SMPTE ST 2022-5

Decoded ST2022-5

In the above image the ST2022-5 protocol is displayed in the Packet List Pane and the ST2022-5 Header and ST2022-5 Payload are shown as subtrees in the Packet Details Pane

SMPTE ST 2022-6

Decoded ST2022-6

In the above image the ST2022-6 protocol is displayed in the Packet List Pane and the ST2022-6 Header and ST2022-6 Payload are shown as subtrees in the Packet Details Pane

Feedback and Comments

If you have any feedback or comments please email support@kscbroadcast.com