This repository contains Wireshark plugins for analyzing network packets of Final Fantasy XIV.
Copy all the files under src/ to the plugin folder, then click [Analyze] -
[Reload Lua Plugins] (or press Ctrl + Shift + L). There should be packets recognized by the plugin with Protocol set to FFXIV.
For Windows users, mklink.bat is provided to create a symbolic link from the plugin folder to the cloned repository.
Please notice that the plugin checks all tcp packets and determines packet types only by magic (0x41a05252 or 16 bytes of 0). So its highly
recommended to set capture filters properly to reduce packets to be processed.
FFXIV Segments (Both compressed and uncompressed), and detailed segment arguments for following types:
3- IPC7- ClientKeepAlive8- ServerKeepAlive
Some structure of the IPC packets are converted from Sapphire.
All the packet analyzing and verifying works are done with the Chinese server of FFXIV, there is no guarantee that the dissectors would work in the international server.
This repository uses a JSON-based schema to describe IPC packets and generate dissectors. See types folder
for structure described in TypeScript.
FINAL FANTASY, FINAL FANTASY XIV, FFXIV, SQUARE ENIX, and the SQUARE ENIX logo are registered trademarks or trademarks of Square Enix Holdings Co., Ltd.