Re: Decode data layer by a Wireshark supported protocol

[Jeff Morriss <jeff.morriss.ws () gmail com>]

Another option might be:

https://wiki.wireshark.org/HowToDissectAnything

On 10/01/2017 10:56 AM, Savakh S wrote:
> Is it possible to call a specific protocol dissector for the "data" 
> layer in a Lua script?
>
> Le ven. 29 sept. 2017 à 09:41, Savakh S <sovakah () gmail com 
> <mailto:sovakah () gmail com>> a écrit :
>
>     I'm not sure it's modbus but I'd like to decode it as modbus to see
>     if it's properly decoded. Is there a way to achieve this ?
>
>     Le ven. 29 sept. 2017 à 01:30, Guy Harris <guy () alum mit edu
>     <mailto:guy () alum mit edu>> a écrit :
>
>         On Sep 28, 2017, at 2:21 PM, Savakh S <sovakah () gmail com
>         <mailto:sovakah () gmail com>> wrote:
>
>          > I have 802.15.4 packets with a data layer above.
>
>         "Above" as in "the link layer is 802.15.4, and the protocol
>         running atop 802.15.4 is the data layer"?
>
>         I.e., the "Data Payload" of an 802.15.4 Data frame is a Modbus
>         PDU of some sort?
>
>          > But modbus isn't proposed when I right click and choose
>         "decode as".
>
>         That's because there's no Modbus dissector that registers itself
>         as being usable atop 802.15.4.
>
>         So are these Modbus RTU PDUs, beginning with a unit ID byte,
>         followed by a function code byte, followed by the data?
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org?subject=unsubscribe