Wireshark mailing list archives
Re: lua decoder accessing info from layers above
From: "Maynard, Chris via Wireshark-dev" <wireshark-dev () wireshark org>
Date: Wed, 14 Oct 2020 15:34:14 +0000
From: Wireshark-dev <wireshark-dev-bounces () wireshark org> On Behalf Of chuck c
Sent: Wednesday, October 14, 2020 10:33 AM
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Subject: Re: [Wireshark-dev] lua decoder accessing info from layers above
local p_foo = Proto.new("foo", "foo")
local f_frame_protocols = Field.new("frame.protocols")
function p_foo.dissector(buf, pinfo, tree)
print(pinfo.number, "Protocols: " .. (f_frame_protocols() and f_frame_protocols().value or "Unknown"))
-- print(pinfo.number, f_frame_protocols().value)
end
register_postdissector(p_foo)
Script above prints to the Lua console.
What was the situation where it doesn't work?
It works as a post-dissector, but not as a registered dissector. For example, replace:
register_postdissector(p_foo)
with something like so, replacing the port number with whatever you can easily test with:
local udp_table = DissectorTable.get("udp.port")
udp_table:add(33333, p_foo)
Yet you can access and print other frame fields such as "frame.len" and "frame.cap_len".
- Chris
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and
may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the
addressee. If you are not the intended recipient and have received this message in error, please delete this message
from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is
strictly prohibited.
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- lua decoder accessing info from layers above Fulko Hew (Oct 12)
- Re: lua decoder accessing info from layers above John Thacker (Oct 12)
- Re: lua decoder accessing info from layers above Guy Harris (Oct 12)
- Re: lua decoder accessing info from layers above Fulko Hew (Oct 15)
- Re: lua decoder accessing info from layers above Graham Bloice (Oct 16)
- Re: lua decoder accessing info from layers above Maynard, Chris via Wireshark-dev (Oct 13)
- Re: lua decoder accessing info from layers above chuck c (Oct 14)
- Re: lua decoder accessing info from layers above Maynard, Chris via Wireshark-dev (Oct 14)
- Re: lua decoder accessing info from layers above Martin Kaiser (Oct 21)
- Re: lua decoder accessing info from layers above chuck c (Oct 14)
- Re: lua decoder accessing info from layers above John Thacker (Oct 12)
- <Possible follow-ups>
- Re: lua decoder accessing info from layers above qiangxiong.huang (Oct 14)
- Re: lua decoder accessing info from layers above Maynard, Chris via Wireshark-dev (Oct 14)