Support for Miwi dissector

[Peter Lambrechtsen <peter () crypt nz>]

Hi

I am trying to decode some Miwi traffic which is pseudo Zigbee traffic
using a CC2531 as a sniffer but miwi has a different payload after the
initial 802.15.4 header.

If I wanted to add support for Miwi I assume modifying the current zigbee
dissector and submitting a PR with the new dissector is the best way to go?

Microchip have documented the miwi protocol in a few PDFs but I suspect
much of it is proprietary:
http://ww1.microchip.com/downloads/en/DeviceDoc/MiWi-Software-Design-Guide-User-Guide-DS50002851B.pdf
And
https://ww1.microchip.com/downloads/en/DeviceDoc/00001204C.pdf
http://ww1.microchip.com/downloads/en/Appnotes/00001283B.pdf

The zigbee dissector semi-decodes the frames:

[image: image.png]

But the payload is:

08 70 00 a6 13 35 00 33 63 03 c5 23 b5 01

The byte is the Frame Control byte with Acknowledgement Request enabled,
Then the second byte is sequence number etc.

[image: image.png]
So I suspect the best way to decode the traffic is to either build my own
dissector or to export the frames and parse them outside wireshark.

Cheer, Peter

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe