Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] problem in adding message in wireshark tree

From: Awadhesh Kumar <awadhesh.usa@xxxxxxxxx>
Date: Mon, 26 Oct 2009 23:50:43 +0530

Hi,

I am writing LUA disectors for Wireshark packets. I am seeing that my disectors are getting called multiple times for a packet. I am calculating udp packet length as below
 
udp_len_f = Field.new("udp.length")
 
function InDirectmip_proto.dissector(buffer,pinfo,tree)
 
        print(udp_len_f ( ))
 
end
 
But in next call of disectors, udp length is coming "nil". I don't know for what packet this is getting called?
 
Also I have created tree to add my own user defined information in wireshark tree as
 
stmpsecuritytree = tree:add(InDirectmip_proto,buffer(),"STMP SECURITY HEADER");
stmptree = tree:add(InDirectmip_proto,buffer(),"STMP DATA HEADER");
subtree = tree:add(InDirectmip_proto,buffer(),"ST DATA")
 
res, status = pcall (udp_len_f )
 
if( res) then
 
stmpsecuritytree:add(buffer(0,1)," STMP Message length: " .. udp_len_f());
 
else
print (" I got exception");
 
end
 
Here at call of pcall (udp_len_f ) , res is printing as false in second call. It means function udp_len_f () has thrown exception in second call. Due to this exception message "STMP Message length" is not added in the wireshark tree.
 
 
I want to handle the exception in following if failed in lua when I am calling above API.
 
                stmpsecuritytree:add(buffer(0,1)," STMP Message length: " .. udp_len_f());
 

 How can I stop the wireshark/LUA library which restricts to call dissectors multiple times?
 
Please help me in this regard.
 
Thanks in Advance
Awadhesh.

P.S. I asked this problem on LUA support group, they suggested me to post this on wireshark group.