Can anybody suggest what else I need to do? I'm running wireshark-GTK 2.2.6 on Ubuntu 16.04.

If you're only interested in the last protocol in the stack, tcp in this case, then you can write a function (or search for one) to trim all characters up to and including the ':' from the string.

Both the protocol (MAVLINKPROTO) and the LUADissector appear in the Internals>Supported Protocols, and it's enabled under Enabled Protocols, and I've checked that a LUA file runs using -X luascript:a, as suggested in the Wireshark docs.

I'm giving an idea of what you can expect in my 'Packet Class: Wireshark' training when we will cover protocol dissectors written in Lua.

and then the dissector wouldn't apply so just use it when dissecting razer traffic.

When I ran it, it displayed something like this:

    Source: 192.168.1.1:12345
    Conversation: 192.168.1.1:12345->192.168.1.2:45678

It will change the content of PROTOCOL in the Wireshark, my question is, how to do the same thing with lua code.

Thanks to karlp for making a nice lua protocol example for USB.

If you add/replace these lines to the postdissector example given, you can see what I mean:

    7 frame_protocols_f = Field.new("frame.protocols")
    13 protocols_F = ProtoField.string("trivial.protocols", "Protocols")
    14 trivial_proto.fields =
    30 subtree:add(protocols_F,tostring(protocols))

In the "Trivial" example provided, if you try to use pinfo.curr_proto, you will get "Trivial", which isn't what you want I don't think, but you should be able to use frame.protocols to determine which protocols are present in the frame.

Lua scripting allows you to dynamically access info that might not be available in Wireshark normally. Examples will be added at some point.

pyreshark: Use Python instead of Lua to communicate with Wireshark.

Have you looked at the Lua postdissectors?

kaitai-to-wireshark: Convert a Kaitai struct binary file description to a Lua Plugin.