Wireshark-dev: Re: [Wireshark-dev] lua decoder accessing info from layers above

From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Fri, 16 Oct 2020 11:22:43 +0100


On Fri, 16 Oct 2020 at 03:36, Fulko Hew <fulko.hew@xxxxxxxxx> wrote:


On Mon, Oct 12, 2020 at 8:34 PM John Thacker <johnthacker@xxxxxxxxx> wrote:

On Mon, Oct 12, 2020, 8:00 PM Fulko Hew <fulko.hew@xxxxxxxxx> wrote:

I'm trying to update/improve someone else's decoder written in Lua.
It's for a simple UDP (and TCP) based protocol.
But I need to be able to get access to the upper layer
to be able to decode it easily.

Can someone provide an example of how to determine if the higher layer was UDP or TCP?

If all you need to know is whether it was called from TCP or UDP, then a typical approach is to create slightly different dissector functions, one for TCP and one for UDP (they can then call a common function, setting a parameter) and register the TCP dissector with TCP and the UDP dissector with UDP.

That was my first alternativeb.com/wireshark/wireshark/-/wikis/protobuf

I liked this answer better, so I updated my dissector accordingly,
and it's shorter, cleaner, and more obvious.

-------------

Now the next question is:
Can I submit this Lua based dissector for inclusion in the Wireshark project, or
should I rewrite it as a 'C' based dissector, and submit that?


Currently we don't distribute any Lua dissectors with the Wireshark installers, so a 'C' based dissector is the best approach.

Graham Bloice