This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Lua: How can I detect a change of capture file?

0

Hi,

I've written a Wireshark Lua postdissector to calculate some timing values for HTTP packets. The initial code (the code that runs on Wireshark start up) includes the definition of some tables that are used to retain data between calls to the dissector function. Everything works OK but if I load a new trace file I'm picking up residual table entries associated with the previous file.

I can then reinitialize the global tables if I know that the trace file has changed.

How can my dissector detect that the trace file has changed?

Thanks and regards...Paul

asked 09 Jul '14, 13:07

PaulOfford's gravatar image

PaulOfford
131283237
accept rate: 11%

edited 10 Jul '14, 12:59

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196

Hadriel, is the init_routines table documented anywhere?

(10 Jul '14, 01:23) Guy Harris ♦♦

It's added to using the Lua "Proto.init()", so documented here.

(10 Jul '14, 11:33) Hadriel

Thanks for that. It works fine.

Best regards...Paul

(11 Jul '14, 13:54) PaulOfford

One Answer:

1

OK, so you'd add an init routine, using Lua Proto.init(), as per Hadriel's comment.

Your init routine would be called whenever you need to reinitialize whatever global state you maintain.

answered 10 Jul '14, 12:58

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%