Re: [Wireshark-dev] lua dissector: using base.UNIT_STRING on ftypes.DOUBLE ProtoField

On Mon, Mar 20, 2023, 2:36 PM Dennis Lambe wrote: > On Mon, Mar 20, 2023 at 12:17 PM chuck c wrote: > > Have you tried defining the field using ProtoField.float or > ProtoField.double? > > Yup. Same behavior. Unit shows up correctly for `tshark -G values` but > doesn't appear in the UI. > The p

Re: [Wireshark-dev] lua dissector: using base.UNIT_STRING on ftypes.DOUBLE ProtoField

On Mon, Mar 20, 2023 at 12:17 PM chuck c wrote: > Have you tried defining the field using ProtoField.float or ProtoField.double? Yup. Same behavior. Unit shows up correctly for `tshark -G values` but doesn't appear in the UI. -- Dennis Lambe (He/Him) Lead Firmware Engineer sparkcharge.io ___

Re: [Wireshark-dev] lua dissector: using base.UNIT_STRING on ftypes.DOUBLE ProtoField

Have you tried defining the field using ProtoField.float or ProtoField.double? https://www.wireshark.org/docs/wsdg_html/#lua_class_ProtoField 11.3.7.17. ProtoField.float(abbr, [name], [valuestring], [desc]) 11.3.7.18. ProtoField.double(abbr, [name], [valuestring], [desc]) On Mon, Mar 20, 2023 a

[Wireshark-dev] lua dissector: using base.UNIT_STRING on ftypes.DOUBLE ProtoField

I am writing a dissector plugin in Lua, and I'm running into a problem with unit strings. I'm new to Wireshark plugins and new to Lua, so I'm not 100% sure any of what I'm doing is the right way to do it. The protocol I'm dissecting contains fields which are transmitted as integers, but should be

Re: [Wireshark-dev] Lua dissector question

Wonderful. It works. Thanks Graham! On Thu, Feb 13, 2020 at 6:07 PM Graham Bloice wrote: > > On Thu, 13 Feb 2020 at 16:54, Juanjo Martin Carrascosa > wrote: > >> Hi dev team, >> >> I am writing a Lua dissector. The 4 bytes in my packet encode a little >> endian uint32. But the following lines d

Re: [Wireshark-dev] Lua dissector question

On Thu, 13 Feb 2020 at 16:54, Juanjo Martin Carrascosa wrote: > Hi dev team, > > I am writing a Lua dissector. The 4 bytes in my packet encode a little > endian uint32. But the following lines decode it as big endian: > > local device_status = ProtoField.new ("Device Status", > "status.dev

[Wireshark-dev] Lua dissector question

Hi dev team, I am writing a Lua dissector. The 4 bytes in my packet encode a little endian uint32. But the following lines decode it as big endian: local device_status = ProtoField.new ("Device Status", "status.device_status", ftypes.UINT32) ... tree:add(device_status, tvbuf:range(4,4)) H

Re: [Wireshark-dev] Lua dissector adds trees but they have (null) in front of the tree label

On Sat, Oct 20, 2018 at 12:25 PM Richard Sharpe wrote: > > Hi folks, > > I have a small generated capture that has a three-byte header, with > the first being a function code and the next two being the length. > > I handle them like this in Lua: > > local t_header = tree:add(buffer, label) >

[Wireshark-dev] Lua dissector adds trees but they have (null) in front of the tree label

Hi folks, I have a small generated capture that has a three-byte header, with the first being a function code and the next two being the length. I handle them like this in Lua: local t_header = tree:add(buffer, label) t_header:add(f_function, buffer(offset, 1)) offset = offset + 1

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

> From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > David Aldrich > Sent: Thursday, September 6, 2018 8:38 AM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths > using preferences? >

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

Hi Chris Thank you very much. It's working very nicely now. Sorry to have questioned your solution! Best regards David ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

Small correction. > -Original Message- > > 2) What does this line do? > > > > table.insert(t, (bit.band(bit.rshift(val, i), 1) == 1 and '1') or '0') > > This shifts val right i number of bits, where i is a value between 16 and 1, > and > then tests that bit to see if it's set or not. If

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

> From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of > David Aldrich > Sent: Thursday, September 6, 2018 7:01 AM > To: wireshark-dev@wireshark.org > Subject: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths > using preferen

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

Hi Chris Thanks very much for your reply and suggested code. I have a couple of questions: 1) I need to declare RuPortId_F somehow. Previously I had: RuPortId_F = ProtoField.uint16("my_protocol.RuPortId", "RU Port ID", base.HEX, NULL, 0x000F) but now the masking is done in your functi

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

On Mon, Sep 3, 2018 at 11:32 AM David Aldrich wrote: > Our protocol includes a 16-bit field which is sub-divided into 4 > sub-fields. The width of those sub-fields is variable so I want to specify > the widths using Wireshark preferences. I understand how to create and > read Wireshark prefere

Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

ee 11.6.4.6. proto.prefs_changed at https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Proto.html From: Wireshark-dev [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of David Aldrich Sent: Monday, September 3, 2018 11:32 AM To: wireshark-dev@wireshark.org Subject: [Wireshark-dev] Lua dis

[Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

Our protocol includes a 16-bit field which is sub-divided into 4 sub-fields. The width of those sub-fields is variable so I want to specify the widths using Wireshark preferences. I understand how to create and read Wireshark preferences but I am unsure of how to apply them in this circumstance.

Re: [Wireshark-dev] Lua dissector for raw 802.11 data frames

?> I am working on a dissector that dissects a proprietary protocol that uses raw 802.11 data frames. The protocol > specification is not open so I won't be able to contribute the dissector. I've therefore chosen to implement it in Lua. > > Without patching Wireshark's 802.11 dissector I'm not

[Wireshark-dev] Lua dissector for raw 802.11 data frames

?Hi, I am working on a dissector that dissects a proprietary protocol that uses raw 802.11 data frames. The protocol specification is not open so I won't be able to contribute the dissector. I've therefore chosen to implement it in Lua. Without patching Wireshark's 802.11 dissector I'm not ab

Re: [Wireshark-dev] Lua Dissector Dev Tool

On Wed, Mar 28, 2018 at 4:06 PM, Markus Leballeux wrote: > Pascal, > > That question makes a lot of sense actually. You are correct, Wireshark and > Wirebait don't use the same version of Lua and I can think of 2 kinds of > compatibility "challenges": > > Compatibility between Wireshark and Wireba

Re: [Wireshark-dev] Lua Dissector Dev Tool

Pascal, That question makes a lot of sense actually. You are correct, Wireshark and Wirebait don't use the same version of Lua and I can think of 2 kinds of compatibility "challenges": 1. *Compatibility between Wireshark and Wirebait:* Wireshark and Wirebait *never* interact with each other

Re: [Wireshark-dev] Lua Dissector Dev Tool

Hi Markus, 2018-03-28 2:12 GMT+02:00 Markus Leballeux : > Hello Wireshark Devs, > > I am currently working on a lightweight Lua library called Wirebait (here > on GitHub ), which enables users > to execute and step through their dissectors without needing W

[Wireshark-dev] Lua Dissector Dev Tool

Hello Wireshark Devs, I am currently working on a lightweight Lua library called Wirebait (here on GitHub ), which enables users to execute and step through their dissectors without needing Wireshark. All you need is data to dissect, which can either be a he

[Wireshark-dev] Lua dissector calling sub dissectors seems to breaks ssl data reassembly

Hi, I am attempting to write a lua dissector for an SSLVPN protocol tunneling PPP within an SSL connection with some vendor specific framing. The dissector works just fine when I call 'data' subdissector on those ppp frames. However, as soon as I call ppp subdissectors, some frames are not decod

Re: [Wireshark-dev] LUA dissector: server port is 400-port range

You could try: tcp_port_table:add(“8000-8399”, mgi_dissector) - Chris From: wireshark-dev-boun...@wireshark.org [mailto:wireshark-dev-boun...@wireshark.org] On Behalf Of Jerry White Sent: Tuesday, November 1, 2016 11:07 PM To: Developer support list for Wireshark Subject: [Wireshark-dev] LUA

[Wireshark-dev] LUA dissector: server port is 400-port range

I'm writing a dissector for an application that can use any tcp port between 8000-8399. I've been doing multiple port dissection with the following code, but it seems unmanageable for 400 ports. local tcp_port_table = DissectorTable.get("tcp.port") local mgi_dissector = tcp_port_table:get_dissecto

[Wireshark-dev] Lua dissector & Protocol Hierarchy

Hi, We have odd traffic on the network and we want to see specific names for them. I have a couple of generic protocol dissectors (for TCP and UDP in Lua); they allow me to see the protocol. [Description: cid:image004.png@01D04D1D.DC83CD40] The Statistic / Protocol Hierarchy tree shows "Text i

Re: [Wireshark-dev] Lua Dissector

I do <_< That will be it, thanks. I had enabled it because I was trying to find Asterix on the stable release and assumed it showed hidden protocols or protocol settings :\ Thanks for your time! Sorry :( Matthew Parlane On 4 April 2014 16:52, Hadriel Kaplan wrote: > > Do you have the "Displ

Re: [Wireshark-dev] Lua Dissector

Do you have the “Display hidden protocol items” enabled in your Protocol preferences for some reason? That would probably cause that “fake lua item” to be displayed. -hadriel On Apr 3, 2014, at 11:46 PM, Hadriel Kaplan wrote: > > Doesn’t happen for me, on Windows-XP (sorry I don’t have a n

Re: [Wireshark-dev] Lua Dissector

Doesn’t happen for me, on Windows-XP (sorry I don’t have a newer windows to try it on right now - my main machine’s a Mac). If you can’t show your real script, can you try downloading the “dissector.lua" one on the script examples wiki page, along with the "dns_port.pcap" file, and try those t

[Wireshark-dev] Lua Dissector

Hey everyone, I grabbed the latest Wireshark-win64-1.11.3-2224-gdf52f81.exe install. Made a lua script for decoding a simple protocol header and I am getting: User Datagram Protocol Blah Protocol Basicall

Re: [Wireshark-dev] LUA Dissector for custom packets

Reinhard Speyerer schrieb: > Christian Gurk wrote: > >> So I wrote the test dissector and it showes up in the Enable Protocols >> List (and of course, I activate it). But when I try to use it with >> "Decode as", this menu item is grayed out, so I can't use it. > >> Here is the code of my first

Re: [Wireshark-dev] LUA Dissector for custom packets

Christian Gurk wrote: > So I wrote the test dissector and it showes up in the Enable Protocols > List (and of course, I activate it). But when I try to use it with > "Decode as", this menu item is grayed out, so I can't use it. > Here is the code of my first test: >> -- trivial protocol example

[Wireshark-dev] LUA Dissector for custom packets

Hi, we plan to use Wireshark to analyze our network traffic in a scientific motivated serial bus system. We capture the traffic with our own software (via virtual COM port over USB) and save the packet-data in a text file (we plan to use the K12-text file format at the moment). I managed to load

[Wireshark-dev] Lua dissector can't create new Tvbs

In working with Lua custom dissectors, if I pass the current dissector's 'buffer' variable to another dissector that I am calling for a specific subrange of the data, the 'buffer' variable is destroyed when the second dissector finishes and is no longer available to the first dissector. To work ar

Re: [Wireshark-dev] Lua dissector example error

> On 9/12/07, Patrik Lundquist <[EMAIL PROTECTED]> wrote: >> Hi, >> >> the Lua dissector example in wsluarm.xml uses C defines instead of Lua >> defines where display bases for ProtoFields are used. Patch attached. >> Committed: SVN #22853 Thanks __

Re: [Wireshark-dev] Lua dissector example error

can this be either checked-in or put as a patch in bugzilla, I won't be able to check it in for a while and I will probably forgetabout this. Luis On 9/12/07, Patrik Lundquist <[EMAIL PROTECTED]> wrote: > Hi, > > the Lua dissector example in wsluarm.xml uses C defines instead of Lua > defines whe

[Wireshark-dev] Lua dissector example error

Hi, the Lua dissector example in wsluarm.xml uses C defines instead of Lua defines where display bases for ProtoFields are used. Patch attached. Thanks for a great program! Cheers, Patrik wsluarm.patch Description: Binary data ___ Wireshark-dev maili