wireshark-users October 2010 archive
Main Archive Page > Month Archives  > wireshark-users archives
wireshark-users: [Wireshark-users] lua dissector

[Wireshark-users] lua dissector

From: BAVOUX Jean-Baptiste <Jean-Baptiste.BAVOUX_at_nospam>
Date: Wed Oct 20 2010 - 11:04:24 GMT
To: <wireshark-users@wireshark.org>

Hi every body !

I'm trying to write a (very simple) dissector:

Here is my code:
-- trivial protocol example
-- declare our protocol
Myproto_proto = Proto("Myproto","Myproto Protocol")
-- create a function to dissect it
function Myproto_proto.dissector(buffer,pinfo,tree)
    pinfo.cols.protocol = "Myproto"
    local subtree = tree:add(Myproto_proto,buffer(),"Myproto Protocol Data")
        
        subtree:add(buffer(0,1),"The first character: " .. buffer(0,1)) -- this works very fine
        subtree:add(buffer(-1,1),"The last character: " .. buffer(-1,1)) -- this doesn't work
        
end
-- load the udp.port table
tcp_table = DissectorTable.get("tcp.port")
-- register our protocol to handle tcp port 8001 & 8002
tcp_table:add(8001,Myproto_proto)
tcp_table:add(8002,Myproto_proto)

For the last character, the value displayed is correct, but the data highlighted is not the good one.
It shows the character before the first one instead of the last character of the frame !!

How do I get the lenght of buffer? ( I tried pinfo.len but it doesn't work) ?
Is buffer(-1,1) correct to get last character?
How do I know what function I can call on buffer? ( the type seems to be 'userdata' ) ?

Thank you,

JB

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@wireshark.org?subject=unsubscribe