Updated Packet and OpCode Analysis (markdown)

daerath
2019-02-06 10:15:53 -05:00
parent 5e338bbf52
commit 0ba91812be
+1 -1
@@ -29,7 +29,7 @@ Navigate to the ShowEQ repos [Tags](https://sourceforge.net/p/seq/svn/HEAD/tr
Look at the Date column to see when each patch was released. Select one of the folders and then select the conf subfolder. The only files we are concerned with are worldopcodes.xml and zoneopcodes.xml. These contain the world and zone opcodes, but not all of them were updated for the latest patch. Only the ones ShowEQ needs were updated. Thankfully, if you look inside each file you can see the date/time each opcode was updated.
# Reading a capture
You cannot directly use a packet capture. Most packets will be compressed and most likely transmitted as Combined or Oversized packets. Making sense of them requires understanding the network-level packet structures so that you can decompress them and break them into individual packets. The only good way to do this is via code. Im sure there is an existing toolset to do this, but I opted for writing one. Im happy to share it and the underlying source.
You cannot directly use a packet capture. Most packets will be compressed and most likely transmitted as Combined or Oversized packets. Making sense of them requires understanding the network-level packet structures so that you can decompress them and break them into individual packets. The only good way to do this is via code. Im sure there is an existing toolset to do this, but I opted for writing one. You can find the source [here](https://github.com/daerath/EQPacketParser). It is fairly basic in function, which is perfectly fine for my purposes (so far).
Once the packets have been uncompressed and split apart, the opcodes from ShowEQ come into play. The tool maps packet opcodes to known opcodes and indicates packet direction (to or from the server). It also outputs each packet in byte format, hex format, and as a string. This helps make some calculations easier and the raw string output can enable faster identification of packet structure if it contains string values.
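Review bot: In the rewritten paragraph under "Reading a capture", the link text "here" says nothing about where the link goes. Name the project in the link instead, for example [EQPacketParser](https://github.com/daerath/EQPacketParser), so the reference still reads correctly when the wiki page is skimmed or rendered without links. The new line also carries over "Im" twice from the line it replaces; both should be "I'm". Since the following paragraph describes the tool's output (opcode mapping, packet direction, byte/hex/string views), it would also help to state in the same sentence what input the tool takes, because "fairly basic in function" leaves that open.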