Wireshark-dev: Re: [Wireshark-dev] Accessing prior packets in Lua

From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Tue, 15 Sep 2009 17:55:13 +1000
Beth,

I actually was writing something similar a while back (for HTTP traffic) but never quite got it finished. ( I was trying to figure out the best way to store the info for each I need for each packet so that I could do the association to calc the response times).

Anyway to display and add items to a tree have a look at the chained dissector code in http://wiki.wireshark.org/Lua/Dissectors. This mostly seems to work.

(You have given me some incentive to start looking again at lua, I'd certainly like to see any code that you have that you have got working)

Regards, Martin

MartinVisser99@xxxxxxxxx


On Tue, Sep 15, 2009 at 5:50 AM, Beth <beth.tridium@xxxxxxxxx> wrote:
In my Lua program, I am analyzing how long it takes certain packets to be acked.  I can calculate the information once I get the ack packet, but what I would really like to do is to add the "time to ack" (or "never acked") data to the tree for the original packet.  I know this can be done in C, since the Wireshark fragment reassembly does it very nicely, but can it also be done from Lua?

That is: given packet number X that is later acked by packet number Y, when my Lua program processes packet Y I can calculate the time between the packets.  I can print it in a textwindow, but I would much rather add this info to the display tree for packet X.  How might I access the tree for packet X, when I am processing packet Y?

Thanks,
b.


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe