hallo, I have modified the simple example found in wiki:
-- trivial protocol example
-- declare our protocol
trivial_proto = Proto("trivial","Trivial Protocol")
udp_src_f = Field.new("udp.srcport")
udp_dst_f = Field.new("udp.dstport")
– create a function to dissect it
function trivial_proto.dissector(buffer,pinfo,tree)
local udp_src = udp_src_f()
local udp_dst = udp_dst_f()
if udp_src==8002 then
pinfo.cols.protocol = "PBUS_RESP"
end
if udp_dst==8002 then
pinfo.cols.protocol = "PBUS_REQ"
end
local subtree = tree:add(trivial_proto,buffer(),"Trivial Protocol Data")
subtree:add(buffer(0,2),"port: " .. tostring(udp_src) .. "->" .. tostring(udp_dst) .. " ::: type " .. type(udp_dst))
subtree:add(buffer(0,2),"The first two bytes: " .. buffer(0,2):uint())
subtree = subtree:add(buffer(2,2),"The next two bytes")
subtree:add(buffer(2,1),"The 3rd byte: " .. buffer(2,1):uint())
subtree:add(buffer(3,1),"The 4th byte: " .. buffer(3,1):uint())
end
– load the udp.port table
udp_table = DissectorTable.get("udp.port")
– register our protocol to handle udp port 7777
udp_table:add(8002,trivial_proto)
udp_src and udp_dst are userdata and the “if” are avways false. Why udp_src and udp_dst are userdata, and how to “cast” them to number?
best regards
Max
asked 29 Aug ‘16, 03:08
mastupristi
11●1●1●4
accept rate: 0%
