
Wireshark-dev: Re: [Wireshark-dev] Unable to detect custom protocol dissector

From: sandip gangakhedkar <sandipfloyd@xxxxxxxxx>
Date: Thu, 13 Feb 2020 13:37:31 +0100
Thanks for your replies.

I do have Lua support built in. Results of Help --> About Wireshark:
==================================================================
3.2.1 (Git commit bf38a67724d0)

Compiled (64-bit) with Qt 5.9.5, with libpcap, without POSIX capabilities,
without libnl, with GLib 2.56.4, with zlib 1.2.11, without SMI, without c-ares,
with Lua 5.2.4, without GnuTLS, with Gcrypt 1.8.1, without Kerberos, without
MaxMind DB resolver, without nghttp2, without brotli, with LZ4, without
Zstandard, without Snappy, with libxml2 2.9.4, with QtMultimedia, with SpeexDSP
(using bundled resampler), without SBC, without SpanDSP, without bcg729.

Running on Linux 5.3.0-28-generic, with Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
(with SSE4.2), with 7670 MB of physical memory, with locale en_US.UTF-8, with
light display mode, without HiDPI, with libpcap version 1.8.1, with Gcrypt
1.8.1, with zlib 1.2.11, binary plugins supported (15 loaded).

Built using gcc 7.4.0.
==================================================================

@Anders: I do not want to replace the existing gnw Dissector. But I have a fixed length custom header before the GNW dissector and want to call the standard built-in gnw Dissector on the same tree after my custom Dissector is finished parsing (which works correctly at the moment).


Thanks.

On Thu, Feb 13, 2020 at 1:04 PM Anders Broman via Wireshark-dev <wireshark-dev@xxxxxxxxxxxxx> wrote:

From: Wireshark-dev <wireshark-dev-bounces@xxxxxxxxxxxxx> On Behalf Of Graham Bloice
Sent: 13 February 2020 11:09
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] Unable to detect custom protocol dissector

Does your custom build of Wireshark include Lua?  What does the Help | About Wireshark | Wireshark info show?

 

On Wed, 12 Feb 2020 at 21:46, sandip gangakhedkar <sandipfloyd@xxxxxxxxx> wrote:

Hi,

 

I am using a custom protocol dissector (Lua script) for the GeoNetworking header. I have built Wireshark 3.2.1 from source on Ubuntu 18.04 and placed the Lua script in the Global plugins directory. However, the script fails to find the GeoNetworking protocol when I invoke it in the script:

 

  Dissector.get("gnw"):call(newTvb, pkt, root)

 

So I tried another approach:

 

  gnw_dissector = DissectorTable.get("ethertype"):get_dissector(35143)

 

The protocol gnw (GeoNetworking) corresponds to an EtherType of 35143 in my Wireshark protocols configuration. However, this also fails to find the "gnw" protocol.

 

How can I get Wireshark to detect the GeoNetworking protocol from my custom Lua script?

 

Thanks in advance.

 

 


The function DissectorTable.get("ethertype"):get_dissector(35143)

https://wiki.wireshark.org/LuaAPI/Dissector#dissectortable:get_dissector.28pattern.29

gets the handle of the built-in GNW dissector as far as I can tell. Is that what you want? Why do you want to replace the existing dissector? (If that’s what you are trying to do).

 

Regards

Anders
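
The chaining discussed in this thread (a fixed-length custom header followed by the built-in gnw dissector), as an added example that is not code from any poster or from the Wireshark project. The "myhdr" protocol, its 4-byte field layout and the EtherType 0x88B5 are assumptions made for illustration; the "gnw" name and EtherType 35143 come from the thread.

```lua
-- Added example. Hypothetical "myhdr" protocol: 4-byte fixed header in front
-- of GeoNetworking. Field layout and EtherType 0x88B5 are assumptions.
local HDR_LEN = 4
local myhdr  = Proto("myhdr", "Custom Header (example)")
local f_type = ProtoField.uint16("myhdr.type", "Type", base.HEX)
local f_len  = ProtoField.uint16("myhdr.length", "Length", base.DEC)
myhdr.fields = { f_type, f_len }

-- Resolve the built-in GeoNetworking handle: by name first, then by EtherType.
-- pcall covers builds where a failed lookup raises instead of returning nil.
local function find_gnw()
    local ok, h = pcall(Dissector.get, "gnw")
    if ok and h then return h end
    ok, h = pcall(function()
        return DissectorTable.get("ethertype"):get_dissector(35143)
    end)
    if ok and h then return h end
    return nil
end

local gnw  -- cached handle, resolved on the first packet

function myhdr.dissector(tvb, pinfo, tree)
    -- Truncated frame: do not claim it, let Wireshark show it as data.
    if tvb:len() < HDR_LEN then return 0 end

    pinfo.cols.protocol = "MYHDR"
    local sub = tree:add(myhdr, tvb(0, HDR_LEN))
    sub:add(f_type, tvb(0, 2))
    sub:add(f_len,  tvb(2, 2))
    if tvb:len() == HDR_LEN then return HDR_LEN end  -- header only, no payload

    gnw = gnw or find_gnw()
    local payload = tvb(HDR_LEN):tvb()  -- new Tvb starting after the header
    if gnw then
        gnw:call(payload, pinfo, tree)  -- built-in dissector adds to the same tree
    else
        -- Make the missing handle visible in the UI instead of failing silently.
        sub:add_expert_info(PI_UNDECODED, PI_WARN,
            "gnw dissector not registered in this build")
        Dissector.get("data"):call(payload, pinfo, tree)
    end
    return tvb:len()
end

DissectorTable.get("ethertype"):add(0x88B5, myhdr)
```

If the expert-info warning appears on every packet, the GeoNetworking dissector is not registered in the running build, and the lookup failure is not caused by the Lua script itself.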

 
