Wireshark mailing list archives

lua and ss7 mtp2


From: Cristian Constantin <const.crist () googlemail com>
Date: Fri, 15 Mar 2013 19:24:39 +0100

hi!

I am trying to access from a lua script the length indicator field of
the mtp2 protocol.

1. yes, I am sure that the capture contains ss7 mtp2 traffic
2. yes, I am sure that the filter selects the ss7 mtp2 traffic.
3. I am using wireshark:

wireshark -v
wireshark 1.8.2

Copyright 1998-2012 Gerald Combs <gerald () wireshark org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.10, with Cairo 1.12.2, with Pango 1.30.0, with
GLib 2.32.4, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux),
with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python, with GnuTLS
2.12.20, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP, with PortAudio
V19-devel (built Jul 20 2011 00:01:38), with AirPcap.

Running on Linux 3.1.0-1-amd64, with locale en_US.UTF-8, with libpcap version
1.1.1, with libz 1.2.3.4, GnuTLS 2.12.19, Gcrypt 1.5.0, without AirPcap.

Built using gcc 4.7.2.

does anyone here know why for example this snippet:

local mtp2_li_field = Field.new("mtp2.li")

function tap.packet(pinfo, tvb)
 local mtp2_len = mtp2_li_field()
 print("mtp2 len:", tostring(mtp2_len))
 print("mtp2 len:", tostring(mtp2_len.value))
end

dumps something like:

mtp2 len:       nil
[string "get_isup.lua"]:187: attempt to index local 'mtp2_len' (a nil value)

??

otoh this one:

local mtp2_field = Field.new("mtp2")

function tap.packet(pinfo, tvb)
 local mtp2 = mtp2_field()
 local l = string.byte(mtp2.value,3);
end

barks like this:

[string "get_isup.lua"]:189: bad argument #1 to 'byte' (string expected, got userdata)

on a more general note, how to use lua in wireshark with binary
protocols when lua lacks built-in support for working with binary
values (i.e. pack/unpack, oct a la perl)???

I mean I have found and I have used the "struct" package from here:

http://www.inf.puc-rio.br/~roberto/struct/

but in this case it does not seem to be enough...

thanks a lot!
bye now!
cristian
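
Added example, not part of the original post and not Wireshark project code: a tap that tests the extractor result before indexing it (a Field extractor returns nil for a packet that lacks the field) and reads the length indicator from the raw bytes with Tvb accessors rather than string.byte. It assumes the basic MTP2 header, where LI is the low 6 bits of the third octet, that the tvb handed to the tap is the buffer the mtp2 field offset refers to, and that FieldInfo exposes offset and len; the counters and the file names in the comments are placeholders.

```lua
-- Run (file names are placeholders):
--   tshark -r capture.pcap -q -X lua_script:mtp2_li.lua
local mtp2_field    = Field.new("mtp2")     -- whole MTP2 layer (protocol field)
local mtp2_li_field = Field.new("mtp2.li")  -- length indicator

-- Tap on every frame; the display filter limits callbacks to MTP2 packets.
local tap = Listener.new(nil, "mtp2")

local seen, missing = 0, 0  -- hypothetical counters for the summary

function tap.packet(pinfo, tvb)
  -- The extractor returns nil when this packet does not carry the field,
  -- so check the result before touching .value.
  local li_info = mtp2_li_field()
  if not li_info then
    missing = missing + 1
    return
  end
  seen = seen + 1

  -- 1) Value as decoded by the dissector (a Lua number for an integer field).
  local li = li_info.value

  -- 2) The same value from the raw bytes. The value of a protocol field is
  --    userdata, not a Lua string, so slice the Tvb instead of string.byte.
  local li_raw
  local mtp2_info = mtp2_field()
  if mtp2_info and mtp2_info.len >= 3
     and mtp2_info.offset + 3 <= tvb:len() then
    -- Assumed layout: third octet, low 6 bits (basic MTP2 header).
    li_raw = tvb(mtp2_info.offset + 2, 1):uint() % 64
  end

  print(string.format("frame %d: mtp2.li=%d raw=%s",
                      pinfo.number, li, tostring(li_raw)))
end

function tap.draw()
  print(string.format("MTP2 packets with LI: %d, without: %d", seen, missing))
end
```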