bacapp dissector: parse lists as array of objects
Description
BACnet services that request or return a list of objects/values are visualised on the same level in the view. This makes processing these results programmatically difficult.
The above pcap shows an example of such a request. The readPropertyMultiple request contains a list of Read Access Specifications which contain an Object Identifier and a List of Property References [1]. This is currently parsed/visualised as follows:
- ObjectIdentifier 1
- listOfPropertyReferences
- ObjectIdentifier 2
- listOfPropertyReferences
- ...
When parsing this (using tshark with JSON as output) we have to trust unmarshal this sequentially and trust that the order is maintained to match a listOfPropertyReferences to an ObjectIdentifier.
The proposal is to parse/visualise these as follows:
- Read Access Specification: Object 1
- Object Identifier 1
- List of Property References
- Read Access Specification: Object 2
- ...
This way it is trivial to match the data to the correct object.
[1] Newman, H. M. (2013). BACnet: The global standard for building automation and control networks. Highland Park, IL: Momentum Press. (pp. 320)