-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy path3gppDecoder.red
311 lines (270 loc) · 7.9 KB
/
3gppDecoder.red
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
Red [
Title: "3GPP DECODER"
Author: "KONGLONG"
Date: 2019-10-01
Version: 1.1.0
purpose: "解码wireshark能支持的所有协议"
Needs: 'View
]
warn-button-popup: function [
tt msg [string!]
] [
view/flags [
title tt
on-close [quit]
msg-text: text font-color red msg center wrap return
no-btn: button "退出" [quit]
do [
msg-text/size/y: msg-text/size/y * 2
win-centre: (2 * msg-text/offset/x + msg-text/size/x) / 2
no-btn/offset/x: to integer! win-centre - to integer! (no-btn/size/x / 2)
]
] [modal popup]
]
if error? try [
config-data: read %3gppDecoder.cfg
replace/all config-data "^(5c)" "/"
][
warn-button-popup "错误" "在3gppDecoder安装目录下找不到配置文件(3gppDecoder.cfg)"
]
if error? try [
config: load-json config-data
][
warn-button-popup "错误" "加载配置文件(3gppDecoder.cfg)时发生错误,请使用JSON格式检查工具检查文件格式"
]
print config
ws-dir: config/wireshark-dir
if ws-dir = none [
warn-button-popup "错误" "配置文件中的wireshark路径不对,请检查配置文件(3gppDecoder.cfg)"
]
replace/all ws-dir "^(5c)" "/"
replace/all ws-dir "//" "/"
npp-dir: config/notepadpp-dir
if npp-dir = none [
warn-button-popup "错误" "配置文件中的notepadpp路径不对,请检查配置文件(3gppDecoder.cfg)"
]
replace/all npp-dir "^(5c)" "/"
replace/all npp-dir "//" "/"
print ws-dir
print npp-dir
if not equal? last ws-dir #"/" [
ws-dir: append ws-dir "/"
]
if not equal? last npp-dir #"/" [
npp-dir: append npp-dir "/"
]
print ws-dir
print npp-dir
wireshark-app: rejoin[ws-dir "Wireshark.exe"]
text2pcap-app: rejoin[ws-dir "text2pcap.exe"]
tshark-app: rejoin[ws-dir "tshark.exe"]
notepad-app: rejoin[npp-dir "notepad++.exe"]
print wireshark-app
print text2pcap-app
print tshark-app
print notepad-app
check-file-exist: func [
file-dir [string!]
file-name [string!]
] [
wireshark-app-exist: false
if error? try [
folder: read to-file file-dir
foreach f folder [
if find f file-name [
wireshark-app-exist: true
break
]
]
][
wireshark-app-exist: false
]
if not wireshark-app-exist [
error-msg: rejoin["在目录" file-dir "下找不到" file-name ",请检查配置文件(3gppDecoder.cfg)或者" file-name "安装目录"]
warn-button-popup "错误" error-msg
]
]
check-file-exist ws-dir "Wireshark.exe"
check-file-exist ws-dir "text2pcap.exe"
check-file-exist ws-dir "tshark.exe"
check-file-exist npp-dir "notepad++.exe"
nats: make block! []
foreach p config/NAT [
foreach [k v] p [
append nats to-string k
]
]
default_nat: nats/2
if empty? nats [
quit
]
selected-proto: ""
proc-hex-str: function [
src-str [string!]
] [
whitespace: charset reduce [space tab cr lf]
hex-digits: charset ["0123456789" #"a" - #"f" #"A" - #"F"]
replace/all src-str "," " "
replace/all src-str "0x" " "
replace/all src-str "0X" " "
dst-str: ""
hex-ind: 0
str-len: 0
clear dst-str
parse src-str [some[
some[whitespace] (hex-ind: 0)
| [pos: hex-digits] (either hex-ind == 0 [
append dst-str " 0"
append dst-str pos/1
str-len: str-len + 3
hex-ind: 1
] [
dst-str/(:str-len - 1): dst-str/:str-len
dst-str/:str-len: pos/1
hex-ind: 0
])
]]
trim/head dst-str
trim/tail dst-str
dst-str
]
pre-proc-data: function [
data [string!]
] [
data: proc-hex-str data
; prep-area/text: data
rejoin["0000 " data " 0000"]
]
wireshark-cmd-arg1: {"uat:user_dlts:\"User 0 (DLT=147)\",\"}
wireshark-cmd-arg2: {\",\"0\",\"\",\"0\",\"\""}
decode-handler: function [
proto [string!]
data [string!]
] [
data-temp: copy data
data-temp: pre-proc-data data-temp
write %text_data_temp.txt data-temp
text2pcap_cmd: rejoin[text2pcap-app " -l 147 text_data_temp.txt decode_temp.pcap"]
; print text2pcap_cmd
call/wait text2pcap_cmd
;^(22)是"的转义,^(5c)是\的转义
tshark_cmd: rejoin["^(22)" tshark-app "^(22) -V -o " wireshark-cmd-arg1 proto wireshark-cmd-arg2 " -r decode_temp.pcap"]
print tshark_cmd
write %decode_result.txt ""
call/wait/output tshark_cmd %decode_result.txt
call/wait "del text_data_temp.txt"
; call/wait "del decode_temp.pcap"
if error? try [
output-area/text: read %decode_result.txt
][
; read不支持ANSI编码,要把“中国标准时间”6个字转换成UTF-8编码
binary-data: read/binary %decode_result.txt
replace/all binary-data #{ d6 d0 b9 fa b1 ea d7 bc ca b1 bc e4 } #{ e4 b8 ad e5 9b bd e6 a0 87 e5 87 86 e6 97 b6 e9 97 b4 }
output-area/text: to-string binary-data
]
]
open-wireshark-handler: function [
proto [string!]
data [string!]
] [
data-temp: copy data
data-temp: pre-proc-data data-temp
write %text_data_temp.txt data-temp
text2pcap_cmd: rejoin[text2pcap-app " -l 147 text_data_temp.txt decode_temp.pcap"]
; print text2pcap_cmd
call/wait text2pcap_cmd
;^(22)是"的转义,^(5c)是\的转义
wireshark_cmd: rejoin["^(22)" wireshark-app "^(22) -o " wireshark-cmd-arg1 proto wireshark-cmd-arg2 " -r decode_temp.pcap"]
print wireshark_cmd
call/shell wireshark_cmd
call/wait "del text_data_temp.txt"
; call/wait "del decode_temp.pcap"
]
update-nat-proto: function [
nat-str [string!]
] [
foreach p config/NAT [
foreach [k v] p [
if nat-str = to-string k [
proto-drop-down/text: v/1
proto-drop-down/data: v
]
]
]
]
about-txt: {
版本: v1.1.0
源码地址:
https://gitee.com/konglinglong/3gppDecoder
面向未来的3GPP解码器,通过修改配置文件,理论上可以解码wireshark现在以及以后支持的所有协议。
指导: XuBin
跑腿: KONGLONG
}
main-window: layout [
title "3GPP解码器"
text "网络:" 40x25
nat-drop-down: drop-down 100x25 data nats
on-select [
update-nat-proto face/text
selected-proto: proto-drop-down/text
]
text "协议:" 40x25
proto-drop-down: drop-down 125x25 data []
on-select [
selected-proto: face/text
]
button "解码" [
if selected-proto <> "" [
decode-handler selected-proto input-area/text
]
]
button "用notepad++打开" [
call rejoin[notepad-app " decode_result.txt"]
]
button "用wireshark打开"[
open-wireshark-handler selected-proto input-area/text
]
button "清空" [
input-area/text: ""
; prep-area/text: ""
output-area/text: ""
clear input-area/text
; clear prep-area/text
clear output-area/text
]
return
text "输入码流:"
return
input-area: area focus "" 800x60
; return
; text "码流预处理:"
; return
;prep-area: area "" 800x60
return
text "解码结果:"
return
output-area: area "" 800x400
do [
nat-drop-down/text: nats/1
update-nat-proto nat-drop-down/text
selected-proto: proto-drop-down/text
]
]
main-window/menu: [
"文件" [ "退出" qt ]
"帮助" [ "关于" ab ]
]
main-window/actors: make object! [
on-menu: func [face [object!] event [event!]][
switch event/picked [
qt [quit]
ab [
view/flags [
title "关于"
text 300x160 about-txt
return
OK-btn: button "OK" [unview]
] [modal popup]
]
] ] ]
view main-window