Wireshark-dev: Re: [Wireshark-dev] Accessing prior packets in Lua

Date: Tue, 15 Sep 2009 10:17:58 -0400
Thanks Martin, I've been looking at that page among others.  They have been some help in getting my Lua program to process the current packet. 

But I still haven't seen anything that helps me add to the display tree of a different packet from the one I'm processing at the moment.

I think I should look more closely at the fragment reassembly C code, and see what it does there.


On Tue, Sep 15, 2009 at 3:55 AM, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
Beth,

I actually was writing something similar a while back (for HTTP traffic) but never quite got it finished. ( I was trying to figure out the best way to store the info for each I need for each packet so that I could do the association to calc the response times).

Anyway to display and add items to a tree have a look at the chained dissector code in http://wiki.wireshark.org/Lua/Dissectors. This mostly seems to work.

(You have given me some incentive to start looking again at lua, I'd certainly like to see any code that you have that you have got working)

Regards, Martin

MartinVisser99@xxxxxxxxx


On Tue, Sep 15, 2009 at 5:50 AM, Beth <beth.tridium@xxxxxxxxx> wrote:
In my Lua program, I am analyzing how long it takes certain packets to be acked.  I can calculate the information once I get the ack packet, but what I would really like to do is to add the "time to ack" (or "never acked") data to the tree for the original packet.  I know this can be done in C, since the Wireshark fragment reassembly does it very nicely, but can it also be done from Lua?