 | 1 | initial version |
Ideally you could accomplish this as follows:
local Year_proto = ProtoField.uint16("Variable_Year", "This is the transmitted year", base.DEC, nil, 0x07f0)
subtree:add_le(Year_proto, buffer(77, 2), 2000 + bit.band(bit.rshift(buffer(77, 2):le_uint(), 4), 0x7f))
That would highlight the 7 bits of the multi-byte field while still being able to specify the exact value to display, but unfortunately Wireshark is applying the 0x07f0 mask to the specified value, which I believe is a bug, after all the user is explicitly indicating the value to be displayed. In any case, because of this problem, you have to declare Year_proto as follows:
local Year_proto = ProtoField.uint16("Variable_Year", "This is the transmitted year", base.DEC)
The down-side here is that the relevant bits of the multi-byte field will not be shown in the tree as they otherwise would be.
For more information on the Lua BitOp Module, refer to http://bitop.luajit.org/api.html. This is necessary because we're still stuck on Lua 5.2, which doesn't support native bitops, which are supported by Lua 5.3.
See also some related Lua 5.2 -> 5.3 discussions on the wireshark-dev mailing list:
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.