So when you say that using a ProtoField would create a filterable field, do you mean that wireshark can then filter based on some field in the protocol which has the ProtoField added to it? If so, then what would that field be, and how would you access it? E.G. does that mean that when I start up my wireshark and start a capture, can I then try in the filter field something like my_proto contains my_field and it would then only show the packets that contain my_field, or did you mean something else by being filterable?
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luis EG Ontanon Sent: Wednesday, June 18, 2008 10:32 AM To: Developer support list for Wireshark Subject: Re: [Wireshark-dev] LUA development highlighting bytefield display with LUA mytree = subtree:add(tvb:range(0x1), "STUFF") should work or better if you defina a protoField lets'say local pf_mine = ProtoField.uint8("my_field") ... mytree = subtree:add(pf_mine, "STUFF") should not only highlight the bytes but should create a filterable field "my_proto.my_filed" for the byte(s) in the tvbRange. On Wed, Jun 18, 2008 at 3:15 PM, Rowswell, Brent <[EMAIL PROTECTED]> wrote: > I've been trying to use this to get the subtrees to highlight, and so > far I can only get the first subtree to highlight correctly. Here's > the syntax of what I'm trying. > > local subtree = (tree:add(my_proto, tvb:range(), "my header")) -- > works local mytree = (subtree:add("TEST ", tvb:range(0x1), "STUFF")) > -- doesn't highlight > > I know that wireshark can highlight the subtrees just by looking at > the ethernet filters in the hex pane, but for some reason this isn't > highlighting there. What should I do to get this to highlight. The > way I figure this should work is the first one highlights the entire > tvb, which it does, and the second should highlight all but the first > byte, which it doesn't. > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Luis EG > Ontanon > Sent: Tuesday, June 17, 2008 7:47 AM > To: Developer support list for Wireshark > Subject: Re: [Wireshark-dev] LUA development highlighting bytefield > display with LUA > > Lua uses the very same API that dissectors use. For protocol tree > items created with Lua (when they are given a tvbRange) the bytes in > the hex dump pane get highlighted as with any other dissector. > > > On Mon, Jun 16, 2008 at 3:37 PM, Rowswell, Brent > <[EMAIL PROTECTED]> wrote: >> Hey there, >> >> I was wondering if there was a way to make my LUA dissector highlight >> specific bytes in the bytefield display so that they stand out >> easily, > >> such as the various portions of my header and attach these to the >> subtrees that explain what they are. I know something that does this >> is already built into wireshark and that it works very well for >> predefined message types, for instance it dissects TCP headers is a >> very readable way so that you can actually see which bytes correspond >> to the source and destination addresses. I would like to do >> something > >> similar on my own message type, so that the specific portions of my >> message are easily readable after dissection. Is there any way to do > this inside my LUA script? >> >> Brent Rowswell >> >> _______________________________________________ >> Wireshark-dev mailing list >> Wireshark-dev@wireshark.org >> https://wireshark.org/mailman/listinfo/wireshark-dev >> >> > > > > -- > This information is top security. When you have read it, destroy > yourself. > -- Marshall McLuhan > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > https://wireshark.org/mailman/listinfo/wireshark-dev > _______________________________________________ > Wireshark-dev mailing list > Wireshark-dev@wireshark.org > https://wireshark.org/mailman/listinfo/wireshark-dev > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
