feat: Meraki Discovery Protocol layer parsing#54
Conversation
|
is MDP a standard protocol? can you please provide some RFC or docs around this? |
|
It is a proprietary Cisco protocol, much like CDP. This work was based on the Wireshark dissector. https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-mdp.c |
|
can you please share a full pcap of some mdp traffic. be keen to study it a bit more. no issues with this PR and happy to merge it soon. |
|
The variable You can also review the Wireshark code and their sample capture from https://gitlab.com/wireshark/wireshark/-/issues/14912 |
| case MdpTlvUnknownBool: | ||
| offset += 2 | ||
| length = int(data[offset-1]) | ||
| m.Type13Bool, _ = strconv.ParseBool(string(data[offset : offset+length])) |
There was a problem hiding this comment.
where does this come from? I can't see something similar in Wireshark's code.
There was a problem hiding this comment.
MdpTlvIP and MdpTlvUnknownBool are two types I saw when capturing MDP from a WiFi AP. The types and contents were obvious based on the ASCII.
AFAIK this protocol isn't officially documented so these types (and others) may have been added to the protocol since the Wireshark dissector was created.
Add parsing of Meraki discovery protocol (mdp) frames