Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: lua decoder accessing info from layers above

From: John Thacker <johnthacker () gmail com>
Date: Mon, 12 Oct 2020 20:33:37 -0400
On Mon, Oct 12, 2020, 8:00 PM Fulko Hew <fulko.hew () gmail com> wrote:



I'm trying to update/improve someone else's decoder written in Lua.
It's for a simple UDP (and TCP) based protocol.
But I need to be able to get access to the upper layer
to be able to decode it easily.

Can someone provide an example of how to determine if the higher layer was
UDP or TCP?



If all you need to know is whether it was called from TCP or UDP, then a
typical approach is to create slightly different dissector functions, one
for TCP and one for UDP (they can then call a common function, setting a
parameter) and register the TCP dissector with TCP and the UDP dissector
with UDP. That approach for C dissectors is demonstrated, for example, here:

https://gitlab.com/wireshark/wireshark/-/blob/master/doc/README.heuristic

And it's pretty similar for Lua dissectors using some of the examples
linked from here:

https://gitlab.com/wireshark/wireshark/-/wikis/Lua

John Thacker

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: