wireshark-dev October 2010 archive
Main Archive Page > Month Archives  > wireshark-dev archives
wireshark-dev: Re: [Wireshark-dev] Wireshark lua (wslua) and bit

Re: [Wireshark-dev] Wireshark lua (wslua) and bit fields - how to do it?

From: Tony Trinh <tony19_at_nospam>
Date: Sat Oct 23 2010 - 20:15:31 GMT
To: wireshark-dev@wireshark.org

The shred_rd field should be defined with a mask, so that it's automatically
masked and shifted. I'm assuming it's a bit that represents "read only".

The Lua below lets you filter with "shred.rd == true":

-- read-only at bit 1
fields.shred_rd = ProtoField.bool("shred.rd", "Read only", base.DEC, nil, 0x02)

for shred = 1, num_shreds
do
        subtree:add("----- NV Storage Shred" .. shred .. " -----")
        subtree:add(fields.shred_id, buffer(offset, 8))
        subtree:add(fields.shred_flags, buffer(offset+8, 8))

        local flags=tonumber(tostring(buffer(offset+8,8):uint64()))
        local hex=tostring(bit.tohex(bit.band(flags,0x02)))
        subtree:add("----- NV Storage hexflags: " .. hex)
        
        --[[
                Since shred_rd is a bool, the buffer length must be 1.
                shred_rd's offset (bit 1) is in the lower 8 bits of the 64-bit
                flags.
        ]]--
        local OFFSET_FLAGS_LSB = offset+8+7
        subtree:add(fields.shred_rd, buffer(OFFSET_FLAGS_LSB,1))

        offset=offset+inc
end

> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 21 Oct 2010 17:46:29 +0000
> From: Daniel Lynes <dlynes@pv-labs.com>
> Subject: [Wireshark-dev] Wireshark lua (wslua) and bit fields - how to
>        do it?
> To: wireshark-dev@wireshark.org
> Message-ID: <1287683189.17967.24.camel@yvorontsov-gpu1>
> Content-Type: text/plain; charset="us-ascii"
>
> I'm trying to output some bit values in my wireshark dissector decode.
> However, I want to be able to filter based on those bit values.
>
> I can't seem to use the LUA bitop library to do it, because lua
> complains that the result is not a uservalue.
>
> I've got the following code:
>
>                        for shred = 1, num_shreds
>                        do
>                                subtree:add("----- NV Storage Shred " ..
> shred .. " -----")
>                                subtree:add(fields.shred_id,
> buffer(offset, 8))
>                                subtree:add(fields.shred_flags,
> buffer(offset+8, 8))
>                                local
> flags=tonumber(tostring(buffer(offset+8,8):uint64()))
>                                local
> hex=tostring(bit.tohex(bit.band(flags,0x02)))
>                                subtree:add("----- NV Storage hex flags:
> " .. hex)
>                                local hexba=ByteArray.new(hex)
>                          -- The following line complains about a nil
> uservalue
>                                local rdonly=Tvb.new_real(hexba, "hex")
>                          -- The following line complains about the
> value being a number instead of a uservalue
>                                subtree:add(fields.shred_rd,
> bit.band(flags, 0x02))
>                                offset=offset+inc
>                        end
>
> Does anyone happen to have any clues as to what I'm doing wrong?  Fwiw,
> I'm using 1.2.0 (1.3, 1.4, and 1.5 all have video corruption issues, and
> 1.0 has issues with 64-bit integers).
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe