Hi all. I have a small dissector, which keeps returning nil values for a normal TCP packets from time to time.
For some reason, even if pinfo.net_src is set, ip_src_f() may return nil. Also, I can't get how to decode ip_len_f() return, which is userdata, to number.
do
local testdissector = Proto("Test", "Test");
ip_src_f = Field.new("ip.src")
ip_dst_f = Field.new("ip.dst")
tcp_src_f = Field.new("tcp.srcport")
tcp_dst_f = Field.new("tcp.dstport")
time_f = Field.new("frame.time_epoch")
ip_len_f = Field.new("ip.len")
frame_len_f = Field.new("frame.len")
tcp_hlen_f = Field.new("tcp.hdr_len")
tcp_ack = Field.new("tcp.flags.ack")
tcp_syn = Field.new("tcp.flags.syn")
tcp_psh = Field.new("tcp.flags.push")
tcp_rst = Field.new("tcp.flags.reset")
tcp_fin = Field.new("tcp.flags.fin")
function testdissector.dissector(tvbuffer, pinfo, treeitem)
if 1 == 1 then ---sport then
local sport = tcp_src_f() -- alright
local dport = tcp_dst_f() -- alright
local saddr = pinfo.net_src -- 50% nil
local daddr = pinfo.net_dst -- 50% nil
--- do something
end
return -- nil, to comply with no-reassembly requirements
end
register_postdissector(testdissector)
end
TCP reassembly is turned off, HTTP dissector is disabled
asked 29 Feb ‘12, 08:04
cagali-san
1●1●1●2
accept rate: 0%
