Wireshark mailing list archives
Re: any examples of how to hook up Lua dissector to user_dlt tree?
From: "Maynard, Christopher via Wireshark-users" <wireshark-users () wireshark org>
Date: Wed, 1 Sep 2021 02:22:13 +0000
From: Wireshark-users <wireshark-users-bounces () wireshark org> On Behalf Of Ariel Burbaickij
Sent: Monday, August 30, 2021 4:20 AM
To: Community support list for Wireshark <wireshark-users () wireshark org>
Subject: [Wireshark-users] any examples of how to hook up Lua dissector to user_dlt tree?

Hello community,

I would like to write a Lua dissector for a binary, i.e. not text, proprietary protocol on top of user_dlt. Are there any examples available which roughly show how this is done? Could you point me to them, as I have not found much of interest yet. In particular, how the actual hooking should look:

    local user_dlt = DissectorTable.get("user_dlt") -- user_dlt dissector exists in Wireshark
    user_dlt:add(148, my_protocol_to_be_dissected) -- my protocol uses user_dlt 148

or is it something else?

Kind Regards
Ariel Burbaickij
This is done just as for any other protocol, either by changing the Wireshark preferences or specifying the option on the command-line. Assuming "Your Proprietary Protocol" = ypp and DLT=147 ...

1) Changing Wireshark preference:

Edit -> Preferences... -> Protocols -> DLT_USER -> Encapsulations Table: Edit... -> [+] -> Select DLT 147, Payload Protocol=ypp, and set other relevant fields as needed -> OK -> OK.

Refs:
https://www.wireshark.org/docs/wsug_html_chunked/ChUserDLTsSection.html
https://gitlab.com/wireshark/wireshark/-/wikis/HowToDissectAnything

2) Command-line option:

Windows:

    Wireshark.exe -o "uat:user_dlts:\"User 0 (DLT=147)\",\"ypp\",\"0\",\"\",\"0\",\"\""

*nix:

    wireshark -o 'uat:user_dlts:"User 0 (DLT=147)","ypp","0","","0",""'

Refs:
https://www.wireshark.org/docs/man-pages/wireshark.html
https://www.wireshark.org/docs/wsug_html_chunked/ChCustCommandLine.html

I hope that helps?
- Chris
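The Lua side of the setup described in the reply above, as an added example that is not part of the original thread: a dissector registered under the short name "ypp", which is the name the DLT_USER "Payload Protocol" field refers to. The frame layout (1-byte type, 2-byte big-endian length, payload), the field names and the file name ypp.lua are assumptions made for illustration.

```lua
-- ypp.lua: added example; the YPP frame layout below is an assumption.
-- Assumed layout: 1-byte message type, 2-byte big-endian payload length, payload.
local ypp = Proto("ypp", "Your Proprietary Protocol")

local f_type    = ProtoField.uint8("ypp.type", "Message Type", base.HEX)
local f_length  = ProtoField.uint16("ypp.length", "Payload Length", base.DEC)
local f_payload = ProtoField.bytes("ypp.payload", "Payload")
ypp.fields = { f_type, f_length, f_payload }

-- Expert items so truncated or inconsistent frames are flagged, not mis-parsed.
local e_short = ProtoExpert.new("ypp.too_short", "Frame shorter than YPP header",
                                expert.group.MALFORMED, expert.severity.ERROR)
local e_len   = ProtoExpert.new("ypp.bad_length", "Length field exceeds captured data",
                                expert.group.MALFORMED, expert.severity.WARN)
ypp.experts = { e_short, e_len }

local HEADER_LEN = 3

function ypp.dissector(tvb, pinfo, tree)
    pinfo.cols.protocol = "YPP"
    local subtree = tree:add(ypp, tvb(), "Your Proprietary Protocol")

    -- Never index past the captured bytes: a short frame gets an expert item only.
    local captured = tvb:len()
    if captured < HEADER_LEN then
        subtree:add_proto_expert_info(e_short)
        return captured
    end

    subtree:add(f_type, tvb(0, 1))
    subtree:add(f_length, tvb(1, 2))        -- add() decodes big-endian

    -- Clamp the declared length to what is actually present in the capture.
    local declared  = tvb(1, 2):uint()
    local available = captured - HEADER_LEN
    local take = math.min(declared, available)
    if declared > available then
        subtree:add_proto_expert_info(e_len)
    end
    if take > 0 then
        subtree:add(f_payload, tvb(HEADER_LEN, take))
    end
    pinfo.cols.info = string.format("type=0x%02x len=%d", tvb(0, 1):uint(), declared)
    return HEADER_LEN + take
end
```

Load the script from the personal Lua plugins folder or with -X lua_script:ypp.lua, then map DLT 147 to ypp using either method from the reply.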