Re: [Wireshark-dev] Lua Dissector

2014-04-03 Thread Matthew Parlane
I do <_< That will be it, thanks. I had enabled it because I was trying to find Asterix on the stable release and assumed it showed hidden protocols or protocol settings :\ Thanks for your time! Sorry :( Matthew Parlane On 4 April 2014 16:52, Hadriel Kaplan wrote: > > Do you have the "Displ

Re: [Wireshark-dev] Lua Dissector

2014-04-03 Thread Hadriel Kaplan
Do you have the “Display hidden protocol items” enabled in your Protocol preferences for some reason? That would probably cause that “fake lua item” to be displayed. -hadriel On Apr 3, 2014, at 11:46 PM, Hadriel Kaplan wrote: > > Doesn’t happen for me, on Windows-XP (sorry I don’t have a n

Re: [Wireshark-dev] Lua Dissector

2014-04-03 Thread Hadriel Kaplan
Doesn’t happen for me, on Windows-XP (sorry I don’t have a newer windows to try it on right now - my main machine’s a Mac). If you can’t show your real script, can you try downloading the “dissector.lua" one on the script examples wiki page, along with the "dns_port.pcap" file, and try those t

[Wireshark-dev] Lua Dissector

2014-04-03 Thread Matthew Parlane
Hey everyone, I grabbed the latest Wireshark-win64-1.11.3-2224-gdf52f81.exe install. Made a lua script for decoding a simple protocol header and I am getting: User Datagram Protocol Blah Protocol Basicall

Re: [Wireshark-dev] Wireshark 1.11.3 on FreeBSD: no plugins are loaded

2014-04-03 Thread Jeff Morriss
On 04/01/14 10:47, Jo wrote: Hey there, I compiled Wireshark 1.11.3 on FreeBSD and can see that the plugins (especially one dissector I wrote as a plugin) is working in the build environment. When I copy the build to another FreeBSD machine, Wireshark runs properly but does not seem to load any

Re: [Wireshark-dev] overriding dissector for port 8080

2014-04-03 Thread Jeff Morriss
On 04/03/14 10:26, John Dill wrote: I have network traffic that uses TCP port 8080 for sending non-http data (on a private network with its own custom application layer on top of TCP an UDP). Is there a recommendation for how to override or remove this dissector? I still have port 80 for http

[Wireshark-dev] Announcing sysdig: tcpdump for your host

2014-04-03 Thread Loris Degioanni
Wireshark friends, I’d like to announce sysdig, the latest open source project I’ve been working on together with the team at my new startup, Draios. http://www.sysdig.org/ https://github.com/draios/sysdig Sysdig tries to bring the network analysis workflow to Linux system troubleshooting, an

Re: [Wireshark-dev] overriding dissector for port 8080

2014-04-03 Thread Alexis La Goutte
On Thu, Apr 3, 2014 at 4:26 PM, John Dill wrote: > > I have network traffic that uses TCP port 8080 for sending non-http data (on > a private network with its own custom application layer on top of TCP an > UDP). Is there a recommendation for how to override or remove this > dissector? I still h

[Wireshark-dev] overriding dissector for port 8080

2014-04-03 Thread John Dill
I have network traffic that uses TCP port 8080 for sending non-http data (on a private network with its own custom application layer on top of TCP an UDP). Is there a recommendation for how to override or remove this dissector? I still have port 80 for http traffic. I can remove port 8080 fr

[Wireshark-dev] Netwurke.com, creating customized dissectors on order

2014-04-03 Thread contact
Hi, Just want to inform you about our little endeavor which might be interesting for some people subscribing to these lists. (our apologies upfront for those not interested or if this violates the mailing-list rules (i.e. could not find any)) We make customized Wireshark dissectors (or im

Re: [Wireshark-dev] Can we move to Lua 5.2.3 only?

2014-04-03 Thread Niels de Vos
On Wed, Apr 02, 2014 at 07:03:36PM -0400, Hadriel Kaplan wrote: > > On Apr 2, 2014, at 6:07 PM, Jeff Morriss wrote: > > >>> In that case I'd vote no: Redhat EL 6 comes with 5.1.4 and it probably > >>> has a long lifetime ahead of it. > >> > >> How hard/painful would it be to install Lua 5.2.x?