Wireshark-users: Re: [Wireshark-users] LUA dissector - combine data from 2 UDP packets, display i
Hello all,
I've copied the part of the code which is relevant for the packet combining (attached).
-----------------------------
Michael Poroger
"Science is not only knowledge, science is also to be dare"
Shimon Peres
By the way, in case anyone is interested, attached is the capture file I used to test the “Frag Proto” from
https://osqa-ask.wireshark.org/questions/55621/lua-udp-reassembly.
From: Maynard, Chris
Sent: Monday, August 3, 2020 5:42 PM
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Subject: RE: [Wireshark-users] LUA dissector - combine data from 2 UDP packets, display issue
I download the fragproto.lua implementation from the OSQA question and tested it against the data provided; it seemed to work fine. Without knowing more details about your own dissector, it’s rather difficult
to provide more help. Can you share the basics along with some simple test data?
Something I build by myself. The idea is similar to
this implementation (in the answer) - just storing the data between packet X-1 to packet X.
Not sure about the actual implementation (as already on weekend), but I think that this is not persistent storage, as if the data in the packet is complete, the storage is set to an empty one. In any case, if packet X-1 does not contain
complete data, this data is available for packet X.
-----------------------------
Michael Poroger
"Science is not only knowledge, science is also to be dare"
Shimon Peres
Hello users :)
I've successfully created a dissector which combines data from 2 UDP packets. Every time I select this kind of packet, I'm getting an error on the packet details on the custom protocol section.
Only when I select the previous packet and then the current packet, I can see the dissection as I expect and without any error.
How to solve the issue?
Probably a question better for the -dev list but...
Are you using epan's reassembly routines or something you built yourself? If it's something you built yourself, are you storing the reassembled data in persistent storage which is available when (re)dissecting the 2nd frame (where the
reassembled data is used)?
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are
not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
Attachment:
ex.lua
Description: Binary data