Wireshark mailing list archives

Re: Lua Dissector Dev Tool


From: Pascal Quantin <pascal.quantin () gmail com>
Date: Wed, 28 Mar 2018 17:36:34 +0200

Hi Markus,

2018-03-28 2:12 GMT+02:00 Markus Leballeux <markus.leballeux () gmail com>:

Hello Wireshark Devs,

I am currently working on a lightweight Lua library called Wirebait (here
on GitHub <https://github.com/MarkoPaul0/WireBait>), which enables users
to execute and step through their dissectors without needing Wireshark. All
you need is data to dissect, which can either be a hexadecimal string
representation of a UDP/TCP payload or a .pcap file.

I believe it is now "good enough" for other people to test and *I am
looking for kind souls to try the library and give me some feedback*. In
order to do so, you'll need the following:

   - Lua 5.3
   - a Lua dissector you want to test
   - a .pcap file *or* a hex string representing a UDP/TCP payload you
   want to dissect

If you do fulfill the requirements, *getting set up should take less than
a minute* (more detailed instructions on the repo):

   1. download wirebait.lua,
   2. add a 5-line-snippet at the top of your dissector
   3. edit the snippet to read your .pcap or hex string
   4. you're ready to go: run your dissector and check out the dissection
   output

Even if you don't fulfill the requirements, you can still go to the Wirebait
repo <https://github.com/MarkoPaul0/WireBait> and try out the examples.

*I would appreciate any form of feedback and/or suggestions.*

Have a good one!


I'm not a Lua user but it definitely sounds interesting. One remark though
(coming from someone not knowing much about Lua, so please forgive me if
it's nonsense).
Wireshark only supports Lua 5.2.X, not Lua 5.3.X. So it only supports the
older syntax and I understood there were some subtle differences between
both. Isn't there a risk that your emulation behaves differently than
Wireshark in some corner cases due to this?

Best regards,
Pascal.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev