Re: Decode data layer by a Wireshark supported protocol

[Savakh S <sovakah () gmail com>]

Is it possible to call a specific protocol dissector for the "data" layer
in a Lua script?

Le ven. 29 sept. 2017 à 09:41, Savakh S <sovakah () gmail com> a écrit :

> I'm not sure it's modbus but I'd like to decode it as modbus to see if
> it's properly decoded. Is there a way to achieve this ?
>
> Le ven. 29 sept. 2017 à 01:30, Guy Harris <guy () alum mit edu> a écrit :
>
> > On Sep 28, 2017, at 2:21 PM, Savakh S <sovakah () gmail com> wrote:
> >
> > > I have 802.15.4 packets with a data layer above.
> >
> > "Above" as in "the link layer is 802.15.4, and the protocol running atop
> > 802.15.4 is the data layer"?
> >
> > I.e., the "Data Payload" of an 802.15.4 Data frame is a Modbus PDU of
> > some sort?
> >
> > > But modbus isn't proposed when I right click and choose "decode as".
> >
> > That's because there's no Modbus dissector that registers itself as being
> > usable atop 802.15.4.
> >
> > So are these Modbus RTU PDUs, beginning with a unit ID byte, followed by
> > a function code byte, followed by the data?
> >
> > ___________________________________________________________________________
> > Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> > Archives:    https://www.wireshark.org/lists/wireshark-users
> > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
> >              mailto:wireshark-users-request () wireshark org
> > ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe