Hi,
we plan to use Wireshark to analyze our network traffic in a scientifically
motivated serial bus system. We capture the traffic with our own
software (via virtual COM port over USB) and save the packet-data in a
text file (we plan to use the K12-text file format at the moment).
I managed to load the packet data to Wireshark, so I can see the data.
I also managed to activate LUA and I wrote a first test LUA dissector to
play around. Our packets have the following structure ( each | x | = 1
byte):
| ctrl | dest | src | port | func | data1 | .. | dataN |
So I wrote the test dissector and it shows up in the Enable Protocols
List (and of course, I activate it). But when I try to use it with
"Decode as", this menu item is grayed out, so I can't use it.
Maybe the problem has something to do with the chaining of protocols.
Because I need my protocol to be a "root" protocol somehow, because I
can't use ethernet. Is there some "parent"-protocol, where I can link my
own dissector?
Here is the code of my first test:
-- trivial protocol example
-- declare our protocol
mpic_proto = Proto("mpic485","MPIC 485 bus protocol")
-- create a function to dissect it
function mpic_proto.dissector(buffer,pinfo,tree)
    pinfo.cols.protocol = "485"
    local subtree = tree:add(mpic_proto,buffer(),"MPIC485 Protocol Data")
    subtree:add(buffer(0,2),"The first two bytes: " .. buffer(0,2):uint())
    subtree = subtree:add(buffer(2,2),"The next two bytes")
    subtree:add(buffer(2,1),"The 3rd byte: " .. buffer(2,1):uint())
    subtree:add(buffer(3,1),"The 4th byte: " .. buffer(3,1):uint())
end
-- local packet_table = DissectorTable.get("packet")
-- packet_table:add(packet.USER15,mpic_proto)
Maybe someone could help me? Thanks in advance
Christian
--
Christian Gurk
Electronics Working Group / Research & Development
Max-Planck-Institute for Chemistry, Mainz, Germany
+49-6131-305387 / christian.gurk@xxxxxxx
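
An added example, not part of the original post: a field-level Lua dissector for the frame layout described above (ctrl, dest, src, port, func, then data), attached as a top-level protocol through the "wtap_encap" dissector table. The name mpic485_ex, the field labels and display bases are hypothetical, and it assumes the capture frames carry the USER15 link-layer type that the commented-out lines in the post refer to.

```lua
-- Added example, not the poster's code. Field labels and display bases
-- are assumptions; the post gives only the one-byte field abbreviations.
local mpic = Proto("mpic485_ex", "MPIC 485 bus protocol (example)")
local HEADER_LEN = 5 -- ctrl, dest, src, port, func: one byte each

local f = {
    ctrl = ProtoField.uint8("mpic485_ex.ctrl", "Control", base.HEX),
    dest = ProtoField.uint8("mpic485_ex.dest", "Destination", base.DEC),
    src  = ProtoField.uint8("mpic485_ex.src",  "Source", base.DEC),
    port = ProtoField.uint8("mpic485_ex.port", "Port", base.DEC),
    func = ProtoField.uint8("mpic485_ex.func", "Function", base.HEX),
    data = ProtoField.bytes("mpic485_ex.data", "Data"),
}
mpic.fields = { f.ctrl, f.dest, f.src, f.port, f.func, f.data }

-- Expert info flags frames too short to hold the fixed header.
local ef_short = ProtoExpert.new("mpic485_ex.short",
    "Frame shorter than 5-byte header",
    expert.group.MALFORMED, expert.severity.ERROR)
mpic.experts = { ef_short }

function mpic.dissector(buffer, pinfo, tree)
    local len = buffer:len()
    if len == 0 then return 0 end
    pinfo.cols.protocol = "MPIC485"
    local subtree = tree:add(mpic, buffer(), "MPIC485 Protocol Data")
    if len < HEADER_LEN then
        -- Never index past the end of a truncated or corrupted frame.
        subtree:add_proto_expert_info(ef_short)
        return len
    end
    subtree:add(f.ctrl, buffer(0, 1))
    subtree:add(f.dest, buffer(1, 1))
    subtree:add(f.src,  buffer(2, 1))
    subtree:add(f.port, buffer(3, 1))
    subtree:add(f.func, buffer(4, 1))
    if len > HEADER_LEN then
        subtree:add(f.data, buffer(HEADER_LEN)) -- data1 .. dataN
    end
    pinfo.cols.info = string.format("%d -> %d, port %d, func 0x%02x",
        buffer(2, 1):uint(), buffer(1, 1):uint(),
        buffer(3, 1):uint(), buffer(4, 1):uint())
    return len
end

-- Attach as the top-level dissector for one link-layer (encapsulation) type.
-- The table is named wtap_encaps in newer releases and wtap in older ones.
local encaps = wtap_encaps or wtap
DissectorTable.get("wtap_encap"):add(encaps.USER15, mpic)
```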