Wireshark mailing list archives

Re: Wireshark GUI filter control from external applications.


From: Hadriel Kaplan <HKaplan () acmepacket com>
Date: Sun, 10 Mar 2013 04:43:08 +0000


On Mar 8, 2013, at 10:49 AM, Lee Brooks <lee.brooks.inbox () gmail com> wrote:

Okay, I've tried creating a Wireshark Lua plugin however I'm unable to keep a thread open in the background to change 
the GUI-filter without blocking the Wireshark main thread. I've even tried creating a separate Lua thread which doesn't 
work either. The other option that I have investigated was: to register the server accept() call into an API call 
similar to "register_postdissector" (which is "called for every frame after dissection") however there are no such 
suitable API calls  (and to be honest it would be a terrible hack!).

By a Lua "thread" I assume you mean coroutine, and as you probably know coroutines are not real OS threads of their own 
- they can mimic the user experience of a multi-threaded app, by yielding and resuming at numerous/appropriate times, 
but if a blocking function call is attempted in a coroutine, it'll block the whole app. LuaSocket does support a 
non-blocking model for accept(), by using settimeout() if I recall right, but yeah you'd have to have some event 
trigger to call it again and again (or to resume a coroutine that yielded).  I haven't thought about it much, but my 
guess is it would really need to be added to Wireshark's main event loop to do.  Crap.

Maybe the guys from QaCafe know how to do it in Wireshark, because I think they used LuaSocket in a Wireshark Lua 
plugin for talking externally to something at some point.
Or I could look into how nmap does it, since their Lua scripts can do it.


So I guess that leaves me with two questions:
Is there a better way of using Lua such that I can have a socket open in the background?
If not: is there a procedure for getting my (small) C++ change reviewed and getting it built into Wireshark?

Submit an enhancement ticket in bugzilla and select the 'review_for_checkin' flag when you attach your patch.
https://bugs.wireshark.org/bugzilla/

-hadriel
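
The non-blocking accept() model mentioned in the message above, as an added example that is not part of the original message or of Wireshark: a LuaSocket listener with settimeout(0) and a poll() function that returns immediately on every call. The for loop at the bottom only stands in for the periodic event trigger the message says would be needed; the loopback bind, the line-length cap and the sample filter string are assumptions made for this sketch.

```lua
local socket = require("socket")

-- Loopback only: a filter-control channel should not be reachable off-host.
local server = assert(socket.bind("127.0.0.1", 0))  -- port 0: OS picks a free port
server:settimeout(0)                                -- accept() never blocks
local clients = {}
local MAX_LINE = 1024                               -- assumed cap on one command

-- One non-blocking pass: accept pending peers, collect complete lines.
local function poll()
  local lines = {}
  while true do
    local c = server:accept()          -- nil, "timeout" when nothing is pending
    if not c then break end
    c:settimeout(0)                    -- receive() must not block either
    clients[#clients + 1] = { sock = c, buf = "" }
  end
  for i = #clients, 1, -1 do
    local cl = clients[i]
    local line, err, partial = cl.sock:receive("*l")
    if line then
      lines[#lines + 1] = cl.buf .. line
      cl.buf = ""
    elseif err == "timeout" and #cl.buf + #(partial or "") <= MAX_LINE then
      cl.buf = cl.buf .. (partial or "")  -- keep the fragment for the next pass
    else
      cl.sock:close()                  -- peer closed, or line exceeded the cap
      table.remove(clients, i)
    end
  end
  return lines
end

-- Demo driver (constructed): a local client sends one filter string, and the
-- loop plays the role of the host application's periodic trigger.
local _, port = server:getsockname()
local client = assert(socket.connect("127.0.0.1", port))
client:send("tcp.port == 80\n")        -- constructed sample display filter
for tick = 1, 20 do
  for _, line in ipairs(poll()) do
    print(("tick %d: received filter request: %s"):format(tick, line))
  end
  socket.sleep(0.05)
end
client:close()
server:close()
```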

