Hi, I'd like to preface this by stating that this is my first time making a dissector in Lua (or really working in Wireshark for that matter) so if anything is unclear I'd be more than happy to clarify. My goal is to make a custom dissector for a protocol on top of SNAP LLC frames. Since the protocol info is currently dissected as "data," it seems that a chained dissector is appropriate. Using https://delog.wordpress.com/2010/09/27/create-a-wireshark-dissector-in-lua/ as a guide, I have created the following:
I suppose my question is two-fold. At present, my dissector loads and I can filter by “myiiot”. However, I am unable to dissect my packets using the “Decode As…” window. Since my packets are 0xaa SNAP, shouldn’t they automatically be dissected by my script? Is there a way to do this manually assuming the code is correct? Apologies if I am missing something obvious. edit: Here is a CloudShark link for the capture https://www.cloudshark.org/captures/fef0e7fd73d3 asked 10 Feb ‘17, 07:12 brownfox edited 21 Feb ‘17, 11:44 |
Can you share the capture that generated the screenshot in a publicly accessible spot, e.g. CloudShark, Google Drive, DropBox etc. so others can test the script?
did you find a solution? I am currently working on something similar