Note
🚧 Project in Development 🚧 This project is currently under development and may fail.
Scripts for decoding packets of meshtastic nodes.
- Download the latest version of the dissector for your operating system from the MeshtasticDissector GitHub Releases page.
- Open Wireshark.
- For Windows/Linux users:
- Go to Help → About Wireshark.
- Navigate to the Folders tab and double-click the path for Personal Plugins.
- A file explorer window will open. Copy and paste the .dll file (Windows) or .so file (Linux) into that folder.
- For macOS users:
- Go to Wireshark → About Wireshark.
- Navigate to the Folders tab and double-click the path for Personal Plugins.
- A Finder window will open. Copy and paste the .so file into that folder.
Important
🚧 Project in Development 🚧
This project is currently under development and may fail. The dissector is not tested on all the operative systems and some packets may show as Dissector Error. Please be patient.
This script acts as a ZMQ subscriber and packet forwarder to Wireshark via a named pipe (FIFO), allowing Wireshark to analyze packets in real time.
Main functionality:
- Connects to the ZMQ publisher (like collector.py) and subscribes to all incoming messages.
- For each received message:
- Prints a hexdump for debugging purposes.
- Wraps the data into a PCAP-compliant format using a custom link layer type.
- Sends the formatted data to a named pipe, which Wireshark can be configured to read as a live packet source.
- Supports both Unix and Windows platforms (via PipeUnix and PipeWindows), although Windows support is still in development.
- Handles the creation and sending of a global PCAP header when the stream starts. This script allows integration of custom packet data into Wireshark using a pipeline, enabling analysis and dissection of experimental or custom protocols.
For more information about how to configure GNU-Radio for meshtastic follow the next repo. Just start the script with GNU-Radio and then connect the transporter.
To open wireshark add the path of the pipeline or execute the command:
wireshark -k -i /tmp/ftransporter # If you change the value of the pipeline then use the new valueThis script acts as a ZMQ publisher that reads data from a serial interface (e.g., a development board) and publishes that data over a ZeroMQ PUB socket.
Main functionality:
- Opens a serial connection to a board with configurable port and baudrate.
- Sends a series of initialization commands to configure the board (e.g., frequency, spreading factor, power level).
- Sets the board into receive mode.
- Continuously reads lines from the serial port (typically LoRa packet data) and publishes each line over a ZeroMQ socket.
- Publishes to an address like tcp://localhost:20000 (by default), which can be changed via command-line arguments. This script is useful for broadcasting received packets from a physical device to other systems or processes via ZeroMQ.
For linux until I work in a better way you need to copy to the installation plugins
# Copy the dissector to the install location of wireshark
sudo cp meshtastic.so /usr/lib/arch64-linux-gnu/wireshark/plugins/4.4/epanNote
If you don't know where is your installation path, you can view the path follow the next steps: Open wireshar Help -> About wireshark -> Folders -> Global Plugins there's the path
