This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Confusing Lua reassembly documentation, how is this done in current 1.6.x/1.7.0 ?

4
1

Hi,

As I am using a Lua dissector to debug the implementation of a proprietary protocol, I am having trouble getting TCP reassembly to work. End user stuff such as allowing reassembly seems OK, but currently my dissector still sees each TCP segment/packet as a new stream, giving wrong results for data crossing segment bounds.

The documentation I have been able to find is confusing and seems self-contradictory:

The current Wiki says to use pinfo OR signed return values, some other documents are more confusing.

Some other docs suggest figuring out how to install "Alien" for Lua (Alien's own documentation page just says to use some Lua-specific package manager which is presumably only available for standalone Lua) then figuring out how to specify a Lua prototype for a C API which takes two callback pointers amongst its args.

It is unclear how to access the reassembled data once called with enough bytes.

My own experiments have come up short, resulting in bad reassembly.

Where can I get clarity on how to write a reassembled TCP dissector in Lua?

asked 15 Feb '12, 04:54

jb_wisemo's gravatar image

jb_wisemo
61133
accept rate: 0%

edited 15 Feb '12, 06:59

JeffMorriss's gravatar image

JeffMorriss ♦
6.2k572