Skip to main content

Wireshark Dissector

A Lua dissector for enhanced RTPS/DDS packet analysis in Wireshark.

Overview

The HDDS Wireshark dissector provides deep inspection of RTPS traffic, with special support for HDDS-specific features. It adds a new protocol tree (hdds) to RTPS packets showing:

  • Vendor identification (HDDS, FastDDS, RTI, etc.)
  • Submessage decoding (DATA, HEARTBEAT, ACKNACK, GAP, INFO_TS)
  • Entity ID recognition (SPDP, SEDP, TypeLookup)
  • Inline QoS parsing (topic name, type name)
  • CDR2 payload encapsulation detection
  • Sequence number tracking

Installation

Using Install Script

cd hdds/tools/wireshark
./install.sh

Manual Installation

Linux:

mkdir -p ~/.local/lib/wireshark/plugins/
cp hdds_rtps.lua ~/.local/lib/wireshark/plugins/

macOS:

mkdir -p ~/Library/Application\ Support/Wireshark/plugins/
cp hdds_rtps.lua ~/Library/Application\ Support/Wireshark/plugins/

Windows:

mkdir %APPDATA%\Wireshark\plugins
copy hdds_rtps.lua %APPDATA%\Wireshark\plugins\

Verify Installation

  1. Open Wireshark
  2. Go to Help → About Wireshark → Plugins
  3. Look for "hdds" in the list
  4. Check Lua console (Tools → Lua → Console) for: [HDDS] RTPS Dissector loaded

Quick Start

Capture RTPS Traffic

Set a capture filter for RTPS ports:

udp port 7400-7500

Filter HDDS Packets

Once captured, use display filters:

hdds.vendor == "HDDS"

View Packet Details

Expand the HDDS RTPS Analysis tree in the packet details pane to see:

  • Protocol version
  • Vendor ID
  • GUID prefix
  • Individual submessages with decoded fields

Features

FeatureDescription
RTPS HeaderMagic, version, vendor ID, GUID prefix
DATA submessageReader/Writer IDs, sequence number, inline QoS, payload
HEARTBEATFirst/last sequence, count
ACKNACKSequence number set
GAPGap start sequence
INFO_TSTimestamp (seconds.fraction)
CDR2 detectionEncapsulation type (CDR_LE, CDR2_LE, PL_CDR2_LE)
Vendor detectionHDDS (0x01AA), FastDDS, RTI, CycloneDDS, etc.
Entity IDsSPDP_WRITER, SEDP_PUB_READER, TypeLookup, etc.

Screenshots

HDDS packets are automatically highlighted with [HDDS] prefix in the info column:

No.  Time     Source        Dest          Protocol  Info
1    0.000    192.168.1.10  239.255.0.1   RTPS      [HDDS] DATA Seq=42 Topic="temperature"
2    0.001    192.168.1.10  239.255.0.1   RTPS      [HDDS] HEARTBEAT Seq=[1-42] Count=5