问题描述
像ixia timestamp预告片中那样,在封包之后我有预告片数据包.我正在尝试为Wireshark编写一个解剖器,该解剖器与ixia-packet_trailer插件完全相同. https://raw.githubusercontent.com/boundary/wirehark/master/epan/dissectors/packet-ixiatrailer.c
I have packet with trailer data after the packet as in ixia timestamp trailer.I am trying to write a dissector for Wireshark that is quite the same as ixia-packet_trailer plugin. https://raw.githubusercontent.com/boundary/wireshark/master/epan/dissectors/packet-ixiatrailer.c
但是我想用Lua编写,所以最容易更改.所以我替换了C线
But i wanted to write in Lua, so it is easiest to change.So i replace the C line
heur_dissector_add("eth.trailer", dissect_ixiatrailer, proto_ixiatrailer);
由Lua中的以下人
eth_table = DissectorTable.get("eth.trailer")
但是我从Wireshark收到了一个错误消息:获取错误参数(DissectorTable_get没有这样的Dissector表)"
But i got error from Wireshark "bad argument to get (DissectorTable_get no such dissector table)"
推荐答案
由于"eth.trailer"已注册为启发式列表(请参见 packet-eth.c ),我认为您可能需要遵循此处提供的示例: https://mika-s.github.io/wireshark/lua/dissector/2018/12/30/creating-port-independent-wireshark-dissectors-in- lua.html
Since "eth.trailer" is registered as a heuristic list (see packet-eth.c), I think you'll probably need to follow the example provided here: https://mika-s.github.io/wireshark/lua/dissector/2018/12/30/creating-port-independent-wireshark-dissectors-in-lua.html
基本上,我认为您将需要执行以下操作:
Basically, I think you're going to need to do something like so:
your_protocol:register_heuristic("eth.trailer", heuristic_checker)
...其中,heuristic_checker是用于检查预告片是否确实适合您的解剖器的功能.
... where heuristic_checker is the function that checks if the trailer is in fact for your dissector or not.
这篇关于Wireshark Lua解剖器插件表错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!