Hi,
I need to extract reassembled packet data in wireshark and either save it to file or better pass it over stdout to another program. In the latter case I guess it has to be converted to hex string for safe piping.
I have the following code to get the reassembled WSP payload out of packet in wireshark
===================================
wsp_extractor = Field.new("wsp")
tap = Listener.new(nil,"wsp")
function tap.packet(pinfo,tvb)
local wsp_pdu = wsp_extractor().range
if wsp_pdu then
print(tostring(wsp_pdu))
end
end
===================================
If the reassembled data comes from several packets I get the following error:
tshark: Lua: on packet 164 Error During execution of Listener Packet Callback:
expired tvb
If the extracted data is contained within one packet I get a truncated string:
8C849832333931423513363030406D6D732E6D74732E6279...
Apparently it should be a straightforward task but I am probably missing something... What am I doing wrong here?
Thanks.