This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Calling MAC-LTE Dissectors using LUA

0

Hello,

I am trying to call dissector for mac-lte using lua. But getting error "Lua Error: ...logCapture.lua:27: attempt to call field 'get_mac_lte_proto_data' (a nil value)". I am passing the buffer as per the framing pattern for heuristic dissector.

Here below is the lua script snippet:

do
   print("hello Lua!!!")

local uelog_proto = Proto("uelog","UE Log Protocol")

– create a function to dissect it function uelog_proto.dissector(buffer,pinfo,tree)

  local dissector = Dissector.get("mac-lte")
  if dissector ~= nil then
 print("Buffer %x,%x,%x \n",buffer(0,1):uint(),buffer(1,1):uint(),buffer(2,1):uint())
     --dissector:call(buffer(0):tvb(),pinfo,tree)
 --pinfo.proto_data=NULL
print("Value %s",buffer(0,7):string())

--pinfo.cols.info:set(buffer(0,7):string()) 
    --pinfo.cols.protocol = "udp"
 local mac_lte_info = dissector.get_mac_lte_proto_data(pinfo)
 mac_lte_info.radioType = buffer(8,1):uint()
 mac_lte_info.direction = buffer(9,1):uint()
 mac_lte_info.rntiType  = buffer(10,1):uint()
     dissector.set_mac_lte_proto_data(pinfo,mac_lte_info)
     dissector:call(buffer(14):tvb(),pinfo,tree)
  else 
     print(string.format("dissector not found, pkt number = %d", pinfo.number ))
  end

end

– load the udp.port table udp_table = DissectorTable.get("udp.port") – register our protocol to handle udp port 5001 udp_table:add(5003,uelog_proto)

end

C code for framing Mac-Lte PDU :

void SendMACFrame(guint8 radioType, guint8 direction, guint8 rntiType,
guint16 rnti, guint16 ueid, guint16 subframeNumber,
guint8 isPredefinedData, guint8 retx, guint8 crcStatus,char macpdu,guint8 length,struct UE_LogHeader uelog )
{
ssize_t bytesSent;
unsigned int  g_frameOffset = 0; 
unsigned short tmp16; char g_frameBuffer = &uelog->data[0]; /********************************************************************/ / Fixed start to each frame (allowing heuristic dissector to work) / / Not NULL terminated / memcpy(g_frameBuffer+g_frameOffset, MAC_LTE_START_STRING, strlen(MAC_LTE_START_STRING)); g_frameOffset += strlen(MAC_LTE_START_STRING); TRACE_LOG("MAC PUD Direction %d ,length %d rntiType %d\n",direction ,length,rntiType ); /
**************************************************************************/ / Now write out fixed fields (the mandatory elements of struct mac_lte_info) */ g_frameBuffer[g_frameOffset++] = radioType; g_frameBuffer[g_frameOffset++] = direction; g_frameBuffer[g_frameOffset++] = rntiType;

/*************************************/
/* Now optional fields               */

/* Subframe number */ g_frameBuffer[g_frameOffset++] = MAC_LTE_FRAME_SUBFRAME_TAG; tmp16 = htons(subframeNumber); memcpy(g_frameBuffer+g_frameOffset, &tmp16, 2); g_frameOffset += 2; #if 0 /* RNTI */ g_frameBuffer[g_frameOffset++] = MAC_LTE_RNTI_TAG; tmp16 = htons(rnti); memcpy(g_frameBuffer+g_frameOffset, &tmp16, 2); g_frameOffset += 2;

/* UEId */
g_frameBuffer[g_frameOffset++] = MAC_LTE_UEID_TAG;
tmp16 = htons(ueid);
memcpy(g_frameBuffer+g_frameOffset, &tmp16, 2);
g_frameOffset += 2;

/* Subframe number */
g_frameBuffer[g_frameOffset++] = MAC_LTE_SUBFRAME_TAG;
tmp16 = htons(ueid);
memcpy(g_frameBuffer+g_frameOffset, &tmp16, 2);
g_frameOffset += 2;

g_frameBuffer[g_frameOffset++] = MAC_LTE_CRC_STATUS_TAG;
g_frameBuffer[g_frameOffset++] = crcStatus;

/***********************************************************/
/* For these optional fields, no need to encode if value is default */
if (!isPredefinedData) {
    g_frameBuffer[g_frameOffset++] = MAC_LTE_PREDFINED_DATA_TAG;
    g_frameBuffer[g_frameOffset++] = isPredefinedData;
}

if (retx != 0) {
    g_frameBuffer[g_frameOffset++] = MAC_LTE_RETX_TAG;
    g_frameBuffer[g_frameOffset++] = retx;
}

#endif

/***************************************/
/* Now write the MAC PDU               */
g_frameBuffer[g_frameOffset++] = MAC_LTE_PAYLOAD_TAG;

/* Append actual PDU  */
memcpy(g_frameBuffer+g_frameOffset, macpdu, length);
g_frameOffset += length;

destination.sin_port = htons(5003);
/* Send out the data over the UDP socket */ bytesSent = sendto(rrcSockFd , uelog->data, g_frameOffset , SEND_FLAG, (struct sockaddr *)&destination, sizeof(destination));

if (bytesSent != g_frameOffset) {
    fprintf(stderr, "sendto() failed - expected %d bytes, got %d (errno=%d)\n",
            g_frameOffset, bytesSent, errno);
    exit(1);
}

}

Above mentioned C code works fine for wireshark If I disable lua script and simply enable heuristic dissector in wireshark. But I want to call dissector through lua as I have written some addtional dissectors related to generic UE specific information.

I am new to lua scripting, please help me out .

asked 27 Sep ‘15, 07:15

amittkumm's gravatar image

amittkumm
6223
accept rate: 0%

edited 27 Sep ‘15, 10:21

grahamb's gravatar image

grahamb ♦
19.8k330206

Can anybody tell whether is it even possible to call mac-lte heuristic dissectors through lua or should I try it with C code ?

(28 Sep ‘15, 04:26) amittkumm


One Answer:

0

This is the same thing as what we discussed in your previous question.

If you want to put your dissector between UDP and MAC-LTE, then you need to manually fill the mac_lte_info structure and attach it to pinfo. See dissect_mac_lte_heur() function in packet-mac-lte.c file.

The call to get_mac_lte_proto_data() will give you a NULL pointer as no one has added the mac_lte_info structure to pinfo yet.

answered 28 Sep '15, 07:29

Pascal%20Quantin's gravatar image

Pascal Quantin
5.5k1060
accept rate: 30%