Wireshark-dev: Re: [Wireshark-dev] Save extracted data from reassembled packets
From: Peter Smith <[email protected]>
Date: Tue, 23 Feb 2010 12:16:32 +0200

Thank you very much for such quick fix. I was suprised it took only one line of C code. Indeed knowledge is power :) Now when I use the previously mentioned Lua code with print(wsp_pdu.value), it gives me the hex bytes of the extracted field for the complete protocol payload which is exactly what I was looking for.

There is another problem with all 1.3.3 and 1.3.4 versions though when I use them for mmse protocol but that's a different story for a different thread :))

Just for the record here is the error in wireshark packet summary column for mmse protocol:
MMSE MMS m-retrieve-conf[Dissector bug, protocol MMSE: proto.c:2269: failed assertion "fi && "proto_tree_set_visible(tree, TRUE) should have been called previously""]

2010/2/22 Stig Bjørlykke <[email protected]>
On 21. feb. 2010, at 20.00, Peter Smith wrote:

> I have the following code to get the reassembled WSP payload out of packet in wireshark
> ===================================
> wsp_extractor = Field.new("wsp")

Wireshark does not currently support handling FT_PROTOCOL as a field extractor.  I suppose in this situation the FT_PROTOCOL should be handled as a byte array, and maybe this is the best handling.  I have just committed revision 31951 with a fix for this, please try a automated build[1] in an hour or so.

[1] http://www.wireshark.org/download/automated/

Stig Bjørlykke

Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:[email protected]?subject=unsubscribe