Wireshark-dev: Re: [Wireshark-dev] my purpose [for building with support for Lua in Linux (Ubun

From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Sun, 23 May 2021 11:24:13 +0100


On Sat, 22 May 2021 at 21:22, Vincent Randal <vtrandal@xxxxxxxxx> wrote:
Graham, thank you for helping. I've replied in red below with a couple of follow-up questions if you don't mind.
Thanks, Vincent Randal.

On Sat, May 22, 2021 at 3:25 AM Graham Bloice <graham.bloice@xxxxxxxxxxxxx> wrote:
Some answers in-line

On Sat, 22 May 2021 at 04:03, Vincent Randal <vtrandal@xxxxxxxxx> wrote:
Hello everyone,

I've plans to use Lua to control tshark behavior in scripts, IF ... I can get Wireshark to build with support for Lua in Ubuntu 20.4, ... But so far I am not having any luck. I found this piece of documentation that says ...
"Wireshark contains an embedded Lua 5.2 interpreter ..."
I believe that's true for Windows but not Linux.

I have lots of questions:
1. Before running cmake how can I tell the appropriate "with-lua" sort of switch is enabled?

Look at CMakeOptions.txt, some options reset on a per-platform basis, but ENABLE_LUA defaults to ON.
Thank you. There's a lot in there. CMakeLists.txt gets syntax highlighting in my vim and gvim setup, but CMakeOptions.txt does not. I might have learned of CMakeOptions.txt sooner, if I'd looked for CM* files.
Maybe "Visual Studio Code" is worth a try? [https://code.visualstudio.com/docs/cpp/cmake-linux] I wonder if anyone builds Wireshark in "Visual Studio Code" on Linux.

I could be pedantic and say no-one uses VSC to "build", rather they use VSC to edit files with the bonus syntax highlighting and syntax checking and then invoke CMake\build tools\compilers (possibly by VSC plugins) to actually build. Even on Windows, I only use VSC to edit, I always have some PowerShell prompts open to actually build as I'm unable to get the VSC CMake\build plugins to do the job correctly.


 
2. After running cmake how can I tell I got what I wanted i.e. that it found Lua and make will build with support for Lua?

The CMake output will output the packages that were found.  Missing mandatory dependencies will cause CMake generation to fail.  Lua isn't a required dependency.

From a random MR Ubuntu build pipeline: 

-- Checking for one of the modules 'lua5.2;lua-5.2;lua52;lua5.1;lua-5.1;lua51'
-- Found LUA: /usr/lib/x86_64-linux-gnu/liblua5.2.so (found suitable version "502", minimum required is "5.1") 
Thank you. If I have doubts that the maintainers can build something (or what version works), now I know where to look (in a MR Ubuntu build pipeline, interesting. What's that?).

Pre-Gitlab we had a very useful buildbot setup that showed all our builders across several Wireshark branches all with neatly delimited output for the various steps.  The remnants of that (Windows\macOS only) can be seen here: https://buildbot.wireshark.org/wireshark-master/waterfall.  I have been unable to find similar output in GitLab apart from the pipelines generated by each commit on each MR which just vomit out one huge (colored) wall of text that is one of the most annoying regressions of the move to GitLab.


3. If it does not find Lua how do I fix that?

Provide the required Lua packages in a location that CMake will search.  In the source tools directory there is a bash script (debian-setup.sh) that will install the required packages for Wireshark on a Debian based system.  See the Developer's Guide section on Unix Installation and Build Instructions:
Thank you. I've been setting up my Ubuntu build environment the hard way (not running debian-setup.sh [--install-optional]).

 
4. When the build succeeds how do I compensate for the difference sudo and non-sudo seem to have on tshark? Non-sudo invocation runs my lua scripts. Sudo invocations don't.

I'm not sure on Linux, but I suspect that the different users will have different personal configuration file locations.  How are you invoking the Lua script?
./tshark -X lua_script:hello.lua # hello.lua works, but there's no permission to dissect packets. I will discuss this in more detail in Guy's reply.

Note that it's highly recommended to NOT run wireshark\tshark as root due to potential security issues.  To allow full use as non-root on Debian based systems see https://gitlab.com/wireshark/wireshark/-/blob/master/debian/README.Debian.
 
5. And assuming (with some help) I get past the above issues, how much control can lua scripts exert over tshark and Wireshark?

The Lua script capabilities are built around the API exposed by the Lua support, which is mainly intended to handle dissection, post-dissection tapping and some GUI facilities.  See the Developers Guide section on Lua support:
Thank you.

Regarding the last question above, the June 2021 InterOp/Plugfests for IEEE 1451.0 are too soon for me to implement the 1451.0 network services (on embedded hardware or in virtual machines). But thank goodness for the lack of time, because it's got me asking how I might call tshark (or Wireshark) in scripts that behave to some degree as though it's a real deployment.

By the way, I do not represent the IEEE. I got involved in the IEEE 1451.0 working group because my college advisor (John Schmalzel, currently with Rowan University) from 30 years ago suggested it to me.

Also, Richard Sharpe has been tremendously helpful as I've struggled to learn enough about ASN.1 to get my dissectors generated and working. XDR and Thrift look like better alternatives to ASN.1 if I had more time to try those things. Thank you, Richard!

Vincent


--
Graham Bloice
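
The checks discussed in questions 1 and 2 of the message above, as an added example that is not part of the original thread or of the Wireshark source tree. The function names and sample inputs are constructed for illustration (the two CMake lines are the ones quoted in the message), and it assumes the `tshark -v` feature list reads "with Lua" or "without Lua".

```shell
#!/bin/sh
# Added example: three checks that a Wireshark build picked up Lua.
# Real use, run as the normal (non-root) build user:
#   lua_enabled_in_cache < build/CMakeCache.txt
#   cmake .. 2>&1 | lua_from_cmake_log
#   ./run/tshark -v | lua_in_version_banner

# Succeeds when a CMakeCache.txt (on stdin) records ENABLE_LUA as ON.
lua_enabled_in_cache() {
    grep -q '^ENABLE_LUA:BOOL=ON$'
}

# Prints "<library path> <version>" from the "-- Found LUA:" line of the
# CMake configure output (on stdin); fails when CMake did not find Lua.
lua_from_cmake_log() {
    sed -n 's/^-- Found LUA: \([^ ]*\) (found suitable version "\([^"]*\)".*/\1 \2/p' |
        head -n 1 | grep .
}

# Reads `tshark -v` output on stdin. Returns 0 for "with Lua", 1 for
# "without Lua", 2 when the feature list does not mention Lua at all.
lua_in_version_banner() {
    _banner=$(tr -s '[:space:]' ' ')   # undo line wrapping in the feature list
    case "$_banner" in
        *"without Lua"*) return 1 ;;
        *"with Lua"*)    return 0 ;;
        *)               return 2 ;;
    esac
}

# Constructed sample inputs so the script runs offline.
SAMPLE_CACHE='ENABLE_LUA:BOOL=ON'
SAMPLE_CMAKE_LOG="-- Checking for one of the modules 'lua5.2;lua-5.2;lua52;lua5.1;lua-5.1;lua51'
-- Found LUA: /usr/lib/x86_64-linux-gnu/liblua5.2.so (found suitable version \"502\", minimum required is \"5.1\")"
SAMPLE_BANNER='Compiled (64-bit) with libpcap, with GLib 2.64.6, with zlib 1.2.11, with
Lua 5.2.4, with GnuTLS 3.6.13.'

if printf '%s\n' "$SAMPLE_CACHE" | lua_enabled_in_cache; then
    echo "cache:  ENABLE_LUA is ON"
fi
if found=$(printf '%s\n' "$SAMPLE_CMAKE_LOG" | lua_from_cmake_log); then
    echo "cmake:  found Lua at ${found% *} (version ${found##* })"
fi
if printf '%s\n' "$SAMPLE_BANNER" | lua_in_version_banner; then
    echo "tshark: compiled with Lua"
fi
```

ENABLE_LUA being ON only means Lua was requested; because Lua is an optional dependency, the "Found LUA" line and the version banner are what show it was actually linked in.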