This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How do I get the acknowledgement number for a packet in Wireshark using Lua?

0

I am writing a Lua dissector for a protocol on top of the TCP protocol. It needs to store the acknowledgment number of request packets, in order to determine which is the corresponding response packet.

For example I can get the packet number with pinfo.number, is there any similar way I can access the acknowledgement number?

asked 07 May '12, 03:20

Ville's gravatar image

Ville
1112
accept rate: 0%

edited 07 May '12, 03:55

What protocol are you dissecting?

(07 May '12, 03:37) helloworld

A special protocol on top of the TCP protocol.

(07 May '12, 03:56) Ville

One Answer:

0

You can define the desired fields with Field.new() and then use the field definitions in the dissector function.

-- define the fields
tcp_srcp_f = Field.new("tcp.srcport")
tcp_dstp_f = Field.new("tcp.dstport")
tcp_ack_f = Field.new("tcp.ack")
tcp_seq_f = Field.new("tcp.seq")

function tcp_test_proto.dissector(buffer,pinfo,tree)
-- use the fields in the dissector
local sport = tcp_srcp_f()
local dport = tcp_dstp_f()
local ack = tcp_ack_f()
local seq = tcp_seq_f()
...
end

Regards
Kurt

answered 07 May '12, 06:57

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 07 May '12, 06:58