?> I am working on a dissector that dissects a proprietary protocol that uses raw 802.11 data frames. The protocol > specification is not open so I won't be able to contribute the dissector. I've therefore chosen to implement it in Lua.
> > Without patching Wireshark's 802.11 dissector I'm not able to register my own > dissector. So seeking advice on proper > ways to proceed and implement. > I can get it working by adding support for heuristic sub-dissectors on 802.11 > data frames. An unfinished example > uploaded here: > https://code.wireshark.org/review/#/c/27641/? I've uploaded an updated version of that patch that now only hand-offs the data portion of the frame. This together with me realizing that frame header fields can be accessed via Fields.new(...) solves the original problems I faced. With the patch above applied I can register a (Lua) heuristics dissector for raw 802.11 data frames. Updated Lua sample dissector below: local proto_example = Proto("example", "example protocol") local wlan_ra_f = Field.new("wlan.ra") local f = proto_example.fields function is_example_protocol(tvb, pinfo) -- check frame and decide whether example protocol -- if access to 802.11 frame header fields is needed these can -- be retrieved via: local wlan_ra = wlan_ra_f() -- ... return true end function proto_example.dissector(tvb, pinfo, tree) if not is_example_protocol(tvb) then return 0 end pinfo.cols.info = "" pinfo.cols.protocol = "Example" tree = tree:add(proto_example, tvb) tree:add(f.data, tvb(0)); return tvb:len() end proto_example:register_heuristic("wlan_data", proto_example.dissector) f.data = ProtoField.bytes("example.data", "data") /Mikael ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
