Wireshark mailing list archives

Re: Preparing to Write Dissector for New IPv6 Destination Option


From: Nalini Elkins <nalini.elkins () insidethestack com>
Date: Mon, 6 Jul 2015 15:36:58 +0000 (UTC)

Hadriel,
Thanks so much for your help!!!
Will be waiting for your changes.
Nalini Elkins
Inside Products, Inc.
(831) 659-8360
www.insidethestack.com

From: Hadriel Kaplan <hadrielk () yahoo com>
To: Nalini Elkins <nalini.elkins () insidethestack com>; Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Monday, July 6, 2015 8:17 AM
Subject: Re: [Wireshark-dev] Preparing to Write Dissector for New IPv6 Destination Option

If you can wait an hour, I’ll find some free time to look at your script in detail and see if I can send you an 
updated/corrected one.

Some quick comments from skimming the script:

The first error you’re seeing is because on line 34 (and lines after) you’re invoking the subtreeitem:add() with the 
wrong third argument.

See:
https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tree.html#lua_class_TreeItem

The third argument is the value of the field - since in the ProtoField creation you told Wireshark the ‘scaledtlr’ 
field was an unsigned 16-bit integer (uint16), it expects the value to be of that type; but instead it sees a string 
being passed in. Basically it looks like you swapped the positions of the third and fourth arguments in 
subtreeitem:add(). Also, the second argument is wrong too - it tells Wireshark that your field is within the entire Tvb 
buffer’s bytes, instead of a small range of a couple of bytes.

But you don’t need to pass those third and fourth arguments in anyway - Wireshark should be able to figure them out, 
based on the ProtoField info you gave it. (once you fix the second argument)

But even if you fix all that, I don’t think the script will result in correct data. Since you’ve removed the 
Destination Options dissector from the “ipv6.nxt” table, and replaced it with your own protocol dissector, the Tvb 
buffer you’ll be getting is for the whole IPv6 options header, including the Next header byte and Header extension 
length byte, before the options content defined in your draft. And you’ll need to return the number of bytes consumed 
by your dissector, since that’s the only way the IPv6 dissector will know how many bytes your option consumed.

As a side note, perhaps it would be better if Wireshark's IPv6 dissector offered a table specifically for Destination 
Options, keyed by the option type, but right now it doesn’t.

-hadriel


On Jul 6, 2015, at 9:15 AM, Nalini Elkins <nalini.elkins () insidethestack com> wrote:

Hello All,

Please let me know if I should post this to the user's list.

My proposal for a new IPv6 Destination Option was recently adopted by the IP Performance Metrics Working Group of the 
IETF.  It is at: 
http://datatracker.ietf.org/doc/draft-ietf-ippm-6man-pdm-option/   

I have started implementation of this on FreeBSD.  Of course, one of the steps in this process is to write a 
Wireshark dissector!

I have started with an LUA implementation.  (See attached)  I am having some problems as this is my first time with 
LUA.  

The first problem is that I do not seem to be pointing to the payload of the IPv6 Destination Option correctly.  The 
parsing should be for the field ipv6.opt.experimental.  But, I am not able to make this work.  I would appreciate any 
help.

A PCAP is also attached.
Thanks,

Nalini Elkins
Inside Products, Inc.
(831) 659-8360
www.insidethestack.com
<pdmIPSec.pcapng><pdmOriginal.lua>
___________________________________________________________________________


Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
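
Added example, not part of the thread and not the attached pdmOriginal.lua: a minimal Wireshark Lua dissector showing the points in Hadriel's reply, namely passing `TreeItem:add()` a ProtoField plus a small TvbRange, skipping the Next Header and Hdr Ext Len bytes, and returning the bytes consumed. The `dstopts_demo` protocol and field names are made up for illustration, 60 is the IPv6 next-header value for Destination Options, and the options are shown generically as type/length/data rather than with the draft's PDM field layout.

```lua
-- Added example, not the pdmOriginal.lua attached to the thread.
-- Assumption: registered for next-header 60 in "ipv6.nxt", so tvb starts
-- at the Next Header byte of the Destination Options header.
local dstopts = Proto("dstopts_demo", "IPv6 Destination Options (demo)")

local f_nxt  = ProtoField.uint8("dstopts_demo.nxt", "Next Header", base.DEC)
local f_len  = ProtoField.uint8("dstopts_demo.len", "Hdr Ext Len", base.DEC)
local f_type = ProtoField.uint8("dstopts_demo.opt.type", "Option Type", base.HEX)
local f_olen = ProtoField.uint8("dstopts_demo.opt.len", "Opt Data Len", base.DEC)
local f_data = ProtoField.bytes("dstopts_demo.opt.data", "Option Data")
dstopts.fields = { f_nxt, f_len, f_type, f_olen, f_data }

function dstopts.dissector(tvb, pinfo, tree)
    if tvb:len() < 2 then return 0 end
    -- Whole header is (Hdr Ext Len + 1) * 8 bytes.
    local hdr_len = (tvb(1, 1):uint() + 1) * 8
    if hdr_len > tvb:len() then return 0 end   -- truncated capture

    -- Second argument is always a small TvbRange, never the whole tvb;
    -- the value and label are derived from the ProtoField.
    local subtree = tree:add(dstopts, tvb(0, hdr_len))
    subtree:add(f_nxt, tvb(0, 1))
    subtree:add(f_len, tvb(1, 1))

    local offset = 2
    while offset < hdr_len do
        if tvb(offset, 1):uint() == 0 then
            -- Pad1 is a single byte with no length or data.
            subtree:add(f_type, tvb(offset, 1)):append_text(" (Pad1)")
            offset = offset + 1
        else
            -- Every other option is type, length, then `length` data bytes.
            if offset + 2 > hdr_len then break end
            local opt_len = tvb(offset + 1, 1):uint()
            if offset + 2 + opt_len > hdr_len then break end  -- malformed
            local opt = subtree:add(f_type, tvb(offset, 1))
            opt:add(f_olen, tvb(offset + 1, 1))
            if opt_len > 0 then
                opt:add(f_data, tvb(offset + 2, opt_len))
            end
            offset = offset + 2 + opt_len
        end
    end
    return hdr_len   -- bytes consumed
end

DissectorTable.get("ipv6.nxt"):add(60, dstopts)
```

Fields for one specific option would be added the same way, each with its own ProtoField and a TvbRange covering only that field's bytes inside the option data.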


  