Lutron Universal Wireshark
One of my all-time favorite tools is Wireshark. During college, my summer internship at Lutron Electronics was focused on packaging a custom internal build of Wireshark, complete with new dissectors for Lutron’s proprietary network protocols.
Lutron’s lighting control hardware communicates using a variety of proprietary wired and wireless link protocols. My goal was to make it quicker and easier for R&D engineers and field technicians to debug and verify hardware by enabling them to capture and dissect these proprietary protocols using Wireshark.
There had been prior efforts to build Lutron protocol dissectors into Wireshark, but there had been a few challenges:
- The customized builds of Wireshark would become outdated when new commands were added to the Lutron protocols, and when new versions of Wireshark were released.
- Different teams had built dissectors for their specific protocols, meaning that there wasn’t a single version of Wireshark which could capture and dissect any Lutron protocol.
- Capturing was limited to Ethernet-based protocols, and was not available for serial data.
After meeting with stakeholders across the company to gain a better understanding of the problem, I went to work trying to resolve the issues that people were facing.
First, I created a Jenkins pipeline on an existing CI server so that when a new release of Wireshark was published, we could simply run the pipeline to compile and package a new installer, and publish it to an internal network drive.
Next, I looked at the dissector code other teams had written and worked to integrate them into the CI/CD pipeline. However, this didn’t completely solve the problem of new commands being added and not being reflected in Wireshark. To make this easier, I wrote a script that would parse specially-formatted comments out of a C header file and generate appropriate Wireshark dissector code.
Finally, to address the need to view serial data in Wireshark, I wrote a program to capture data from a USB serial interface and output it in pcap format, and wrote a small wrapper script in Lua to expose it as a Wireshark plugin.
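As an added illustration of the serial-to-pcap step described above (this is not the author's program, whose code does not appear on this page), the sketch below wraps raw serial frames in classic pcap records and reads them back with bounds checks. The link type 147 (LINKTYPE_USER0), the function names, and the sample frames are assumptions made for the example.

```python
import io
import struct

PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
LINKTYPE_USER0 = 147      # private-use link type; assumed here for the serial link
SNAPLEN = 65535

# Constructed sample frames: (seconds, microseconds, raw bytes read from the port)
SAMPLE_FRAMES = [
    (1700000000, 250000, bytes.fromhex("0201a5")),
    (1700000001, 0, bytes.fromhex("0202ffee")),
]

def write_pcap(out, frames, linktype=LINKTYPE_USER0):
    """Write (sec, usec, payload) tuples to `out` as a little-endian pcap stream."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    out.write(struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, SNAPLEN, linktype))
    for sec, usec, payload in frames:
        captured = payload[:SNAPLEN]   # never store more than snaplen bytes
        # Record header: ts_sec, ts_usec, captured length, original length
        out.write(struct.pack("<IIII", sec, usec, len(captured), len(payload)))
        out.write(captured)

def read_pcap(data):
    """Parse a little-endian pcap 2.4 buffer; return (linktype, records)."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    magic, major, minor, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != PCAP_MAGIC or (major, minor) != (2, 4):
        raise ValueError("not a little-endian pcap 2.4 buffer")
    offset, records = 24, []
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl, orig = struct.unpack_from("<IIII", data, offset)
        offset += 16
        # Reject lengths that lie about the data actually present
        if incl > orig or offset + incl > len(data):
            raise ValueError("record length exceeds available data")
        records.append((sec, usec, data[offset:offset + incl]))
        offset += incl
    return linktype, records

def build_sample():
    """Return the constructed sample frames encoded as pcap bytes."""
    buf = io.BytesIO()
    write_pcap(buf, SAMPLE_FRAMES)
    return buf.getvalue()
```

Wireshark can be told which dissector handles a user link type through its DLT_USER protocol preferences, so a capture written this way can be decoded by a custom dissector.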
I wrapped up the summer by presenting sessions about how to use Wireshark to teams across the company, including product development, QA, and field service.
While I spent a good chunk of time working on Wireshark, most of my work unfortunately could not be contributed upstream due to its proprietary nature. I was able to contribute a minor patch to resolve a quoting issue in a build script.