Wireshark mailing list archives

Re: Wireshark lua (wslua) and bit fields - how to do it?

From: Daniel Lynes <dlynes () pv-labs com>
Date: Mon, 25 Oct 2010 13:33:32 +0000

Thanks, Tony.

It doesn't quite do what I need it to do, but it comes pretty
close...close enough that if I can't do it exactly the way I want easily
enough, this will do.

The other complication comes in, where I might have the following
scenario:

Bitmask:  0x00FFFFFF00000000
Shift:        24

So that     0x0012345600000000
becomes  0x0000000012345600

That being said, I just realized I can just alter the bitmask slightly
to compensate.

Thanks again for your help, Tony.

Much appreciated.

On Sat, 2010-10-23 at 16:15 -0400, Tony Trinh wrote:

The shred_rd field should be defined with a mask, so that it's automatically
masked and shifted. I'm assuming it's a bit that represents "read only".

The Lua below lets you filter with "shred.rd == true":

-- read-only at bit 1
fields.shred_rd = ProtoField.bool("shred.rd", "Read only", base.DEC, nil, 0x02)

for shred = 1, num_shreds
do
      subtree:add("----- NV Storage Shred" .. shred .. " -----")
      subtree:add(fields.shred_id, buffer(offset, 8))
      subtree:add(fields.shred_flags, buffer(offset+8, 8))

      local flags=tonumber(tostring(buffer(offset+8,8):uint64()))
      local hex=tostring(bit.tohex(bit.band(flags,0x02)))
      subtree:add("----- NV Storage hexflags: " .. hex)
      
      --[[
              Since shred_rd is a bool, the buffer length must be 1.
              shred_rd's offset (bit 1) is in the lower 8 bits of the 64-bit
              flags.
      ]]--
      local OFFSET_FLAGS_LSB = offset+8+7
      subtree:add(fields.shred_rd, buffer(OFFSET_FLAGS_LSB,1))

      offset=offset+inc
end

----------------------------------------------------------------------

Message: 1
Date: Thu, 21 Oct 2010 17:46:29 +0000
From: Daniel Lynes <dlynes () pv-labs com>
Subject: [Wireshark-dev] Wireshark lua (wslua) and bit fields - how to
       do it?
To: wireshark-dev () wireshark org
Message-ID: <1287683189.17967.24.camel@yvorontsov-gpu1>
Content-Type: text/plain; charset="us-ascii"

I'm trying to output some bit values in my wireshark dissector decode.
However, I want to be able to filter based on those bit values.

I can't seem to use the LUA bitop library to do it, because lua
complains that the result is not a uservalue.

I've got the following code:

                       for shred = 1, num_shreds
                       do
                               subtree:add("----- NV Storage Shred " ..
shred .. " -----")
                               subtree:add(fields.shred_id,
buffer(offset, 8))
                               subtree:add(fields.shred_flags,
buffer(offset+8, 8))
                               local
flags=tonumber(tostring(buffer(offset+8,8):uint64()))
                               local
hex=tostring(bit.tohex(bit.band(flags,0x02)))
                               subtree:add("----- NV Storage hex flags:
" .. hex)
                               local hexba=ByteArray.new(hex)
                         -- The following line complains about a nil
uservalue
                               local rdonly=Tvb.new_real(hexba, "hex")
                         -- The following line complains about the
value being a number instead of a uservalue
                               subtree:add(fields.shred_rd,
bit.band(flags, 0x02))
                               offset=offset+inc
                       end

Does anyone happen to have any clues as to what I'm doing wrong?  Fwiw,
I'm using 1.2.0 (1.3, 1.4, and 1.5 all have video corruption issues, and
1.0 has issues with 64-bit integers).

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe


Daniel Lynes
Software Engineer
PV Labs Intelligent Imaging
(905) 667-7308

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Re: Wireshark lua (wslua) and bit fields - how to do it? Tony Trinh (Oct 23)
- Re: Wireshark lua (wslua) and bit fields - how to do it? Daniel Lynes (Oct 25)
- Re: Wireshark lua (wslua) and bit fields - how to do it? Tony Trinh (Oct 25)
  - Re: Wireshark lua (wslua) and bit fields - how to do it? Daniel Lynes (Oct 28)
  - Re: Wireshark lua (wslua) and bit fields - how to do it? Tony Trinh (Oct 28)