Wireshark-dev: Re: [Wireshark-dev] Lua dissector: How to set sub-field bit widths using prefere

From: David Aldrich <david.aldrich.ntml@xxxxxxxxx>
Date: Thu, 6 Sep 2018 12:01:06 +0100

Hi Chris


Thanks very much for your reply and suggested code.  I have a couple of questions:


1) I need to declare RuPortId_F somehow.  Previously I had:


RuPortId_F = ProtoField.uint16("my_protocol.RuPortId", "RU Port ID", base.HEX, NULL, 0x000F)


but now the masking is done in your function. So how should I declare it?


2) What does this line do?


table.insert(t, (bit.band(bit.rshift(val, i), 1) == 1 and '1') or '0')


3) Your function makes things much tidier but, as I think Jeff points out, the preference still gets read in the header code. This means that if the user changes the value of the preference, your function does not reflect the change until Wireshark is restarted (and the dissector reloaded).  Do you agree? Is there any way around this?


Best regards



On Tue, Sep 4, 2018 at 6:28 PM Jeff Morriss <jeff.morriss.ws@xxxxxxxxx> wrote:

On Mon, Sep 3, 2018 at 11:32 AM David Aldrich <david.aldrich.ntml@xxxxxxxxx> wrote:
Our protocol includes a 16-bit field which is sub-divided into 4 sub-fields.  The width of those sub-fields is variable so I want to specify the widths using Wireshark preferences.  I understand how to create and read  Wireshark preferences but I am unsure of how to apply them in this circumstance.

My code structure looks like this:

my_protocol = Proto("...", "...")

-- Create a preference
my_protocol.prefs.ru_port_id_width = Pref.uint( "RU_Port_ID width ", 4 )

-- Read the preference
ru_port_id_width = my_protocol.prefs.ru_port_id_width

-- Specify a field using the preference
RuPortId_F = ProtoField.uint16("...", "...", base.HEX, NULL, ((2^ru_port_id_width)-1))

-- Create a fields table and add the field to it
xran_protocol.fields = {RuPortId_F}

-- Then specify the dissector function
function my_protocol.dissector(buffer, pinfo,tree)

-- Show the field in a subtree
local RtcidPcid_range = buffer(4,2) -- the 16-bit field
local ecpriRtcidPcid = ecpriRtcidPcid_range:uint()
subtree:add(RuPortId_F, RtcidPcid_range, RtcidPcid) -- the variable width sub-field
The trouble with this is that the preference is only read at startup. A new value can't be specified by the user without restarting Wireshark to apply it.

That sounds like a bug if it's true.

But what happens if you read the preference value inside your dissector function?  The /potential/ problem I see in the above code is that you're reading the value in the header code which IIRC is only executed at startup.  (Ideally you'd actually only read the preference once after they're changed; here Lua has a disadvantage over C dissectors who just reference the variable that holds the value of the preference; maybe the Lua API should have a "preferences changed" callback to let Lua dissectors know that one or more preferences have changed?)

Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev