[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-dev
Subject: Re: [Wireshark-dev] Lua question for dissectors
From: "Maynard, Chris" <Christopher.Maynard () IGT ! com>
Date: 2017-11-30 18:52:11
Message-ID: 33c499c691cf408cacfc1264a1e0c096 () USRIWGMAIL1 ! gtk ! gtech ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
From: Wireshark-dev [mailto:wireshark-dev-bounces@wireshark.org] On Behalf Of Roland \
Knall
Sent: Thursday, November 30, 2017 9:11 AM
To: Developer support list for Wireshark <wireshark-dev@wireshark.org>
Subject: [Wireshark-dev] Lua question for dissectors
Hi
Just a short question, can anyone point me into the direction on how to generate a \
sub-TVB in LUA from a reassembled stream?
We can display the data, but I want to have a sub-TVB displayed, and cannot figure \
out which method to use.
Cheers
Hi Roland,
Have you looked at the fpm.lua script available at \
https://wiki.wireshark.org/Lua/Examples?
After fpm_proto.dissector() does the reassembly, dissectFPM() is called, which simply \
does the normal tree:add(), for the given tvb:range(), i.e.:
-- We start by adding our protocol to the dissection display tree.
local tree = root:add(fpm_proto, tvbuf:range(offset, length_val))
Does that help?
- Chris
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology \
PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret \
information. This message is intended solely for the use of the addressee. If you \
are not the intended recipient and have received this message in error, please delete \
this message from your system. Any unauthorized reading, distribution, copying, or \
other use of this message or its attachments is strictly prohibited.
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#002060;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Wireshark-dev \
[mailto:wireshark-dev-bounces@wireshark.org] <b>On Behalf Of </b>Roland Knall<br>
<b>Sent:</b> Thursday, November 30, 2017 9:11 AM<br>
<b>To:</b> Developer support list for Wireshark \
<wireshark-dev@wireshark.org><br> <b>Subject:</b> [Wireshark-dev] Lua question \
for dissectors<o:p></o:p></span></p> </div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">Hi<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">Just a short question, can anyone point me into the direction on \
how to generate a sub-TVB in LUA from a reassembled stream?<o:p></o:p></p> <div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">We can display the data, but I want to have a sub-TVB displayed, \
and cannot figure out which method to use.<o:p></o:p></p> </div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Cheers<o:p></o:p></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">Hi \
Roland,<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">Have \
you looked at the </span><span style="font-size:11.0pt;font-family:"Courier \
New";color:#002060">fpm.lua</span><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"> \
script available at <a \
href="https://wiki.wireshark.org/Lua/Examples">https://wiki.wireshark.org/Lua/Examples</a>?<o:p></o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">After
</span><span style="font-size:11.0pt;font-family:"Courier \
New";color:#002060">fpm_proto.dissector()</span><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"> \
does the reassembly, </span><span style="font-size:11.0pt;font-family:"Courier \
New";color:#002060">dissectFPM()</span><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"> is \
called, which simply does the normal </span><span \
style="font-size:11.0pt;font-family:"Courier \
New";color:#002060">tree:add()</span><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">, \
for the given </span><span style="font-size:11.0pt;font-family:"Courier \
New";color:#002060">tvb:range()</span><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">, \
i.e.:<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier \
New";color:#002060"> -- We start by adding our protocol to the \
dissection display tree.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Courier \
New";color:#002060"> local tree = root:add(fpm_proto, \
tvbuf:range(offset, length_val))<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">Does \
that help?<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060">- \
Chris<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#002060"><o:p> </o:p></span></p>
</div>
</div>
</div>
</div>
<p>CONFIDENTIALITY NOTICE: This message is the property of International Game \
Technology PLC and/or its subsidiaries and may contain proprietary, confidential or \
trade secret information. This message is intended solely for the use of the \
addressee. If you are not the intended recipient and have received this message \
in error, please delete this message from your system. Any unauthorized reading, \
distribution, copying, or other use of this message or its attachments is strictly \
prohibited.</p></body> </html>
[Attachment #4 (unknown)]
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic