Wireshark mailing list archives

Re: last touches for custom Lua dissector

From: Ariel Burbaickij <ariel.burbaickij () gmail com>
Date: Tue, 30 Nov 2021 14:29:37 +0100

Hello Pascal,
cool, it works. Thank you very much for your fast response. Genuinely
appreciated! Will take a look at the updated(?) dissector now.

Kind Regards
Ariel Burbaickij


On Tue, Nov 30, 2021 at 2:22 PM Pascal Quantin <pascal () wireshark org> wrote:

Hi Ariel,

Le mar. 30 nov. 2021 à 14:12, Ariel Burbaickij <ariel.burbaickij () gmail com>
a écrit :

Hello community,
I have written a custom dissector for LTE related protocols and it runs
fine but there is one last piece that I would like to add to it. Context is
such: there is a wrapper (generic name) protocol and I call LTE dissector
in this manner:

local myrrc = Dissector.get("lte-rrc.dl.dcch")
local rrc_dl_dcch = myrrc:call(buffer(wrapper_protocol.length()):tvb(),
pinfo, tree)

or this

myrrc = Dissector.get("lte-rrc.ul.dcch")
local rrc_ul_dcch = myrrc:call(buffer(wrapper_protocol.length()):tvb(),
pinfo, tree)

and decode works just fine, however in protocol field in Wireshark's GUI
I get WRAPPER_PROOTOCOL as the name and I would like to see LTE RRC or
something similar in case of S1AP which is called like this:

  local sctp_tbl = DissectorTable.get ("sctp.ppi")
  local prot_s1ap = sctp_tbl:get_dissector(18)
  prot_s1ap:call(wrapper_protocol.length()):tvb(), pinfo, tree)

I do get S1AP as a protocol. length of wrapper_protocol is the same in
all three cases,

So, how can it be achieved foR LTE RRC and eventually NR RRC ?


The lte-rrc.dl.dcch registered dissector historically does not update the
protocol column. You might want to use lte_rrc.dl_dcch instead, which will
update the protocol column with LTE RRC DL_DCCH instead. See
epan/dissectors/packet-lte-rrc.c file for more details.

The NR RRC dissector always updates the info column.

Best regards,
Pascal.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

last touches for custom Lua dissector Ariel Burbaickij (Nov 30)
- Re: last touches for custom Lua dissector Pascal Quantin (Nov 30)
  - Re: last touches for custom Lua dissector Ariel Burbaickij (Nov 30)