Wireshark · Wireshark-dev: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?

["Maynard, Chris" <Christopher.Maynard@xxxxxxx>]

> From: Wireshark-dev [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of David Aldrich
> Sent: Thursday, September 6, 2018 7:01 AM
> To: wireshark-dev@xxxxxxxxxxxxx
> Subject: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using preferences?
> 
> Hi Chris
> 
> Thanks very much for your reply and suggested code.  I have a couple of questions:

You're welcome.

> 1) I need to declare RuPortId_F somehow.  Previously I had:
>
> RuPortId_F = ProtoField.uint16("my_protocol.RuPortId", "RU Port ID", base.HEX, NULL, 0x000F)
> 
> but now the masking is done in your function. So how should I declare it?

It hardly matters because the mask specified here isn't being used anymore.  I would probably just use:

RuPortId_F = ProtoField.uint16("my_protocol.RuPortId", "RU Port ID", base.HEX)

By the way, you should use nil instead of NULL in Lua.
From https://www.lua.org/manual/5.2/manual.html:

There are eight basic types in Lua: nil, boolean, number, string, function, userdata, thread, and table. Nil is the type of the value nil, whose main property is to be different from any other value; it usually represents the absence of a useful value.

> 2) What does this line do?
> 
> table.insert(t, (bit.band(bit.rshift(val, i), 1) == 1 and '1') or '0')

This shifts val right i number of bits, where i is a value between 16 and 1, and then tests that bit to see if it's set or not.  If it is set, it inserts a '1' into the table t; otherwise it inserts a '0' into the table t.

> 3) Your function makes things much tidier but, as I think Jeff points out, the preference still gets read in the header code. This means that if the user changes the value of the preference, your function does not reflect the change until Wireshark is restarted (and the dissector reloaded).  Do you agree? Is there any way around this?

No.  You can dynamically change the preference and it will take immediate affect without needing to restart Wireshark.

- Chris











CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information.  This message is intended solely for the use of the addressee.  If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.