 | 1 | initial version |
thre .register_heuristic can do this job.
-- heuristic_checker: determine which dissector to use
local function heuristic_checker(buffer, pinfo, tree)
-- check length
length = buffer:len()
if length < 4 then return false end
-- check something..
if true then
-- use my dissector
MyProto.dissector(buffer, pinfo, tree)
return true
else
return false
end
end
-- registe to udp
MyProto:register_heuristic('udp', heuristic_checker)
ref:
https://mika-s.github.io/wireshark/lua/dissector/2018/12/30/creating-port-independent-wireshark-dissectors-in-lua.html
| | 2 | No.2 Revision |
thre .register_heuristic can do this job.
determine proto by custom logic, rather than port.
-- heuristic_checker: determine which dissector to use
local function heuristic_checker(buffer, pinfo, tree)
-- check length
length = buffer:len()
if length < 4 then return false end
-- check something..
if true then
-- use my dissector
MyProto.dissector(buffer, pinfo, tree)
return true
else
return false
end
end
-- registe to udp
MyProto:register_heuristic('udp', heuristic_checker)
ref:
https://mika-s.github.io/wireshark/lua/dissector/2018/12/30/creating-port-independent-wireshark-dissectors-in-lua.html
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.