Re: Lua Field API and multiple occurences

[Hadriel Kaplan <hadrielk () yahoo com>]

Actually, if I recall right... when you call the Field, you should be getting all the FieldInfo objects - you're just 
only keeping the first one in your script. (or keeping the first one's value, depending on how you wrote the script)

Can you show the details inside the tap.packet() function in your script?

Is it something like:
    -- get the FieldInfo and call it to get its value
    local rsl = rsl_field()()
or
    -- get the FieldInfo
    local rsl_finfo = rsl_field()
    -- get its value or ""
    local rsl = rsl_finfo and rsl_finfo() or ""

Is it something like one of those examples above?

If so, what's happening is you're getting back one or more FieldInfo objects, but since you've only got a single 
variable "rsl_finfo", you're only keeping the first returned one. (or in the first example, only calling the first 
returned one)

So you should do something like this instead:
   local rsl_finfos = { rsl_field() }
   for i,rsl_finfo in ipairs(rsl_finfos) do
      local rsl = rsl_finfo()
      if rsl == "46" then
        -- do whatever here
      end
   end

-hadriel
p.s. I generally don't recommend getting the FieldInfo and calling it for its value at the same time, as in 
'rsl_field()()', simply because it would result in a Lua run-time error if it turned out there was not such FieldInfo 
in the packet, but since you've set a filter you'd be safe I think. (besides this is just an email :)



On Saturday, April 5, 2014 2:38 AM, Holger Freyther <holger () freyther de> wrote:
 
Good Morning,

I am currently writing an analysis script in Lua for GSM Abis RSL. For
releasing a radio channel there is a "RF Channel Release" command and
a "RF Channel Release ACK" response. I want to calculate the time that
passed between these two.

Currently I am doing:

local tap = Listener.new("ip", "gsm_abis_rsl.msg_type == 0x2e ||
                      gsm_abis_rsl.msg_type == 0x33 ")
local ip_src_field = Field.new("ip.src")
local ip_dst_field = Field.new("ip.dst")
local frame_field  = Field.new("frame.number")
local time_field   = Field.new("frame.time_epoch")
local rsl_field    = Field.new("gsm_abis_rsl.msg_type")
local cbits_field  = Field.new("gsm_abis_rsl.ch_no_Cbits")
local ts_field     = Field.new("gsm_abis_rsl.ch_no_TN")

local connections = {}

tap.packet(pinfo,tvb,ip)
    if rsl == "46" then
      handle_release(....)
    elseif rsl == "51" then
      handle_release_ack(...)
    end
end

My issue is that using this approach I can miss RSL packets. The
equipment we have is using TCP/IP to transport the rsl messages
and there is a small header (16 bit length, one byte tag) in front
of each of the RSL messages.

What happens from time to time is that inside a single frame and
TCP packet there are multiple RSL messages. And when this happens
rsl_field() will only give me value of the first RSL message.

Is there a way to get all the values?


holger



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe