?> I am working on a dissector that dissects a proprietary protocol that uses raw 802.11 data frames. The protocol > specification is not open so I won't be able to contribute the dissector. I've therefore chosen to implement it in Lua.
>
> Without patching Wireshark's 802.11 dissector I'm not able to register my own dissector. So seeking advice on proper > ways to proceed and implement.
> I can get it working by adding support for heuristic sub-dissectors on 802.11 data frames. An unfinished example > uploaded here:
> https://code.wireshark.org/review/#/c/27641/?
I've uploaded an updated version of that patch that now only hand-offs the data portion of the frame. This together with me realizing that frame header fields can be accessed via Fields.new(...) solves the original problems I faced.
With the patch above applied I can register a (Lua) heuristics dissector for raw 802.11 data frames.
Updated Lua sample dissector below:
local proto_example = Proto("example", "example protocol")
local wlan_ra_f = Field.new("wlan.ra")
local f = proto_example.fields
function is_example_protocol(tvb, pinfo)
-- check frame and decide whether example protocol
-- if access to 802.11 frame header fields is needed these can
-- be retrieved via:
local wlan_ra = wlan_ra_f()
-- ...
return true
end
function proto_example.dissector(tvb, pinfo, tree)
if not is_example_protocol(tvb) then
return 0
end
pinfo.cols.info = ""
pinfo.cols.protocol = "Example"
tree = tree:add(proto_example, tvb)
tree:add(f.data, tvb(0));
return tvb:len()
end
proto_example:register_heuristic("wlan_data", proto_example.dissector)
f.data = ProtoField.bytes("example.data", "data")
/Mikael
