Re: Saving packet related information in pinfo.private_data

[Sidda Eraiah <sidda.eraiah () kaazing com>]

Jaap,

Thanks for your response. I looked up for some samples for accessing
reassembly functions and conversation related functions that are called from
Lua Dissector scripts and could not find any.

Please provide a sample in Lua for accessing conversation and reassembly
functions. Is this documented someplace?

Thanks in advance.

-- 
Best Regards,
Sidda


On Tue, Jun 15, 2010 at 11:41 PM, Jaap Keuter <jaap.keuter () xs4all nl> wrote:

> Hi,
>
> Two things:
> 1. There are reassembly functions available for dissectors to use. These
> might help you out.
>
> 2. The pinfo only lives for a single packet dissection, so that won't work.
>  What you need to do is look into conversations, see README.developer
> section 2.2.
>
> Thanks,
> Jaap
>
> Send from my iPhone
>
> On 15 jun 2010, at 19:13, Sidda Eraiah <sidda.eraiah () kaazing com> wrote:
>
> Hi
>
> I am writing a dissector for a custom protocol and have a situation where
> packets on the wire may contain one or more frames. Also one frame can
> straddle across many packets. When I detect that a frame is straddling
> across multiple packets I would like to be able to set some custom data on
> pinfo to say how far I have progressed in getting the frame during the first
> pass (while recording traffic). I need this information stored per packet,
> as the dissector is can be called on random packet (due to user selecting
> one packet in the UI).
>
> I tried using pinfo.private_data and set some value on it by the following
> code in the dissector method:
>
>          print("pinfo.private_data: "..tostring(pinfo.private_data))
>         pinfo.private_data = {"mydata", 1, 2, 3, 4}
>         print("pinfo.private_data: "..tostring(pinfo.private_data))
>         print(tostring(pinfo.private_data))
>
> This prints out the following:
>
>
> pinfo.private_data: userdata: 0x7fff1c257f20
> pinfo.private_data: userdata: 0x7fff1c257f20
> userdata: 0x7fff1c257f20
>
>
>
> As you see the data that I am trying to set is not being retained in
> pinfo.private_data.
>
> *Is there a way to store some private data on pinfo that is retained next
> time the dissector is called with the same packet? *
>
> Any workaround or suggestion is appreciated.
>
> I am using Version 1.2.7 of Wireshark on Ubuntu 10.04 LTS.
>
> --
> Best Regards,
> Sidda
>
> Director of Management Services
> > |< Kaazing Corporation >|<
> 888, Villa St. Suite #410, Mountain View, CA 94041, USA
>
> ___________________________________________________________________________
>
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:     <http://www.wireshark.org/lists/wireshark-users>
> http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
> https://wireshark.org/mailman/options/wireshark-users
>              <wireshark-users-request () wireshark org?subject=unsubscribe>
> mailto:wireshark-users-request () wireshark org?subject=unsubscribe<wireshark-users-request () wireshark 
> org?subject=unsubscribe>
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe