 | 1 | initial version |
Assuming the transport is TCP, your dissector will need to reassemble the TCP segments. Refer to the Wireshark Lua/Dissectors wiki page for general guidelines on TCP reassembly. The Lua/Examples wiki page also provides a sample dissector, namely fpm.lua, that serves as an excellent example Lua script for a TCP-based protocol dissector.
If the transport is something other than TDP, say UDP for example, then you will have to figure out how to reassemble the messages yourself, but the basic principles from the TCP example will generally apply.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
