Lua Wireshark Scripting

2
votes

I'm just getting started in Lua for wireshark and I'm already baffled. According to http://wiki.wireshark.org/LuaAPI/Tvb#tvb:len.28.29 a Tvb has the function "len" but when I call it on buf or pkt in the below code, I'm getting an "attemt to call method 'len' (a number value)" error. What is the proper way to get the length of buf, or pkt, (which are "tvb" objects)?

local myprotocol = Proto("proto","My Protocol Title");
function myprotocol.dissector(buf,pkt,root)
    local test = pkt:len() -- <--Throws error
1
luawireshark

1 Answers

1
votes

I think there is some confusion about parameters; according to the Dissectors page: "When called by Wireshark, they are passed (1) a TVB buffer of the data (a Tvb object), (2) a tree root (TreeItem object), and (3) a packet information record (Pinfo object)." From the example on the same page: function trivial_proto.dissector(buffer,pinfo,tree).

It appears that buffer is Tvb object, but pkt is Pinfo object, so you should probably try buf:len() instead of pkt:len().