Wireshark-dev: Re: [Wireshark-dev] Preparing to Write Dissector for New IPv6 Destination Option
From: Nalini Elkins <[email protected]>
Date: Mon, 6 Jul 2015 15:36:58 +0000 (UTC)

Thanks so much for your help!!!

Will be waiting for your changes.

Nalini Elkins
Inside Products, Inc.
(831) 659-8360

From: Hadriel Kaplan <[email protected]>
To: Nalini Elkins <[email protected]>; Developer support list for Wireshark <[email protected]>
Sent: Monday, July 6, 2015 8:17 AM
Subject: Re: [Wireshark-dev] Preparing to Write Dissector for New IPv6 Destination Option

If you can wait an hour, I’ll find some free time to look at your script in detail and see if I can send you an updated/corrected one.

Some quick comments from skimming the script:

The first error you’re seeing is because on line 34 (and lines after) you’re invoking the subtreeitem:add() with the wrong third argument.


The third argument is the value of the field - since in the ProtoField creation you told Wireshark the ‘scaledtlr' field was a unsigned 16-bit integer (uint16), it expects the value to be of that type; but instead it sees a string being passed in. Basically it looks like you swapped the positions of the third and fourth arguments in subtreeitem:add(). Also, the second argument is wrong too - it tells wireshark that your field is within the entire Tvb buffer’s bytes, instead of a small range of a couple of bytes.

But you don’t need to pass those third and fourth arguments in anyway - Wireshark should be able to figure them out, based on the ProtoField info you gave it. (once you fix the second argument)

But even if you fix all that, I don’t think the script will result in correct data. Since you’ve removed the Destination Options dissector from the “ipv6.nxt” table, and replaced it with your own protocol dissector, the Tvb buffer you’ll be getting is for the whole IPv6 options header, including the Next header byte and Header extension length byte, before the options content defined in your draft. And you’ll need to return the number of bytes consumed by your dissector, since that’s the only way the IPv6 dissector will know how many bytes your option consumed.

As a side note, perhaps it would be better if wireshark's IPv6 dissector offered a table specifically for Destination Options, key'ed by the option type, but right now it doesn’t.


> On Jul 6, 2015, at 9:15 AM, Nalini Elkins <[email protected]> wrote:
> Hello All,
> Please let me know if I should post this to the user's list.
> My proposal for a new IPv6 Destination Option was recently adopted by the IP Performance Metrics Working Group of the IETF.  It is at:
> http://datatracker.ietf.org/doc/draft-ietf-ippm-6man-pdm-option/  
> I have started implementation of this on FreeBSD.  Of course, one of the steps in this process is to write a Wireshark dissector!
> I have started with an LUA implementation.  (See attached)  I am having some problems as this is my first time with LUA. 
> The first problem is that I do not seem to be pointing to the payload of the IPv6 Destination Option correctly.  The parsing should be for the field ipv6.opt.experimental.  But, I am not able to make this work.  I would appreciate any help.
> A PCAP is also attached.
> Thanks,
> Nalini Elkins
> Inside Products, Inc.
> (831) 659-8360
> www.insidethestack.com
> <pdmIPSec.pcapng><pdmOriginal.lua>___________________________________________________________________________

> Sent via:    Wireshark-dev mailing list <[email protected]>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>            mailto:[email protected]?subject=unsubscribe