On Mon, Oct 12, 2020, 8:00 PM Fulko Hew <fulko....@gmail.com> wrote: > > I'm trying to update/improve someone else's decoder written in Lua. > It's for a simple UDP (and TCP) based protocol. > But I need to be able to get access to the upper layer > to be able to decode it easily. > > Can someone provide an example of how to determine if the higher layer was > UDP or TCP? >
If all you need to know is whether it was called from TCP or UDP, then a typical approach is to create slightly different dissector functions, one for TCP and one for UDP (they can then call a common function, setting a parameter) and register the TCP dissector with TCP and the UDP dissector with UDP. That approach for C dissectors is demonstrated, for example, here: https://gitlab.com/wireshark/wireshark/-/blob/master/doc/README.heuristic And it's pretty similar for Lua dissectors using some of the examples linked from here: https://gitlab.com/wireshark/wireshark/-/wikis/Lua John Thacker
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
