Florian wrote:
Hi
I am using a Listener/tap in LUA to do some logical checks on protocol
level via a third party protocol dissector.
In the packet details pane (of wireshark 1.2.1), some fields could be
auto translated into a Display Filter via the context menu
(right-mouse-function) 'prepare a filter' or 'copy fieldname'. I can
easily access the values via the 'Field.new()' function in LUA.
However some other fields are displayed in the tree view in the packet
details pane, but can't be translated into a Display Filter.
Is there any way to access this data (fieldname seems to be "Text item")
through Lua? I.e. iterating through the dissected tree as displayed in
wireshark? I didn't find any hint in the LUA API or the examples.
If it says "Text item" then that means the field was added (by the
dissector) via proto_tree_add_text(). That means the field is not
filterable (which is why we generally discourage the use of that
function for protocol fields). Feel free to submit patches against the
offending dissectors to make those fields filterable :-).
Are you trying to get the filter name or the value of the field (which
is just text)? The former is not possible as mentioned above and I
doubt (but do not know) that the latter is possible.
Additional question: can the content of any column (i.e. info) be read
from LUA?
I was only able to write (append/prepend) some additional text to the
colums in LUA.
I don't think you can read the contents of a column from a built-in
dissector (or, if it was possible, whether it would be allowed). What
information do you need from the column?
