Hi, I'm working with an Inner protocol (made up in the company I'm working), using the winpcap driver. Can I write a Lua disector to a winpcap protocol? Thanks, Dana. asked 21 Jul '16, 04:38  DanaR |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
I'm not sure where the winpcap driver fits in here, that's for capturing traffic for all protocols, not dissecting them.
What protocol carries your protocol, i.e. does it run over tcp or udp or something else?
No. My protocol is not udp or TCP, it is an "made up" protocol using "wpcap.dll" . (not a very standart use of winpcap, but this is the case in here )
I'll try to be more clear: In the company I'm working in a new protocol was writen from scratch, including the low level network layer . No address is actuly needed since two computers are talking using a direct cable. In order to send and recive packets we are using "wpcap.dll", pcap_open/ pcap_sendqueue_transmit and other interface options. I'm trying to undersant if I can create a LUA to such a protocol ? (Thanks :)
Presumably you are using Ethernet though? What do you see when you capture this traffic?
What you're trying to say is that you are developing a raw Ethernet protocol, and use winpcap to get it on the wire. In that case it's not called a winpcap protocol but an Ethernet protocol. There are several: IPv4 may be the best known, but there are many more.