 | 1 | initial version |
This is heavily plagiarized (stolen?) from the work @cmaynard in Guacamole Dissector.
Coloring rule: tcp.port == myproto.ProtPort
-- 230401: Ask 31160 - Coloring Rules based on Preference
local myproto_p = Proto("myproto", "MyProtocol Protocol")
-- Default settings
local MYPROTO_TCP_PORT = 3000
-- Preferences
local myproto_settings = {
tcp_port = MYPROTO_TCP_PORT
}
myproto_p.prefs.tcp_port = Pref.uint("TCP port", myproto_settings.tcp_port,
"The MyProtocol TCP port number (default=" .. MYPROTO_TCP_PORT .. ")")
-------------------------------------------------------------------------
function myproto_p.prefs_changed()
if myproto_settings.tcp_port ~= myproto_p.prefs.tcp_port then
-- remove old one, if not 0
if myproto_p.prefs.tcp_port ~= 0 then
DissectorTable.get("tcp.port"):remove(myproto_settings.tcp_port, myproto_p)
end
-- set our new default
myproto_settings.tcp_port = myproto_p.prefs.tcp_port
-- add new one, if not 0
if myproto_settings.tcp_port ~= 0 then
DissectorTable.get("tcp.port"):add(myproto_settings.tcp_port, myproto_p)
end
end
end -- myproto_p.prefs_changed()
local pf = {
msgLen = ProtoField.int32("myproto.msglength", "Msg Length", base.DEC),
myprotoData = ProtoField.bytes("myproto.Data", "MyProtocol Data"),
myprotoPort = ProtoField.uint32("myproto.ProtPort", "MyProtocol Proto Port",base.DEC)
}
myproto_p.fields = pf
function myproto_p.dissector(buffer, pinfo, tree)
length = buffer:len()
pinfo.cols.protocol = myproto_p.name
subtree = tree:add(myproto_p)
subtree:add(pf.myprotoPort, myproto_settings.tcp_port)
subtree:add(pf.msgLen, length)
if length == 0 then return end
--do disector work here
end
local tcp_port = DissectorTable.get("tcp.port")
tcp_port:add(myproto_settings.tcp_port, myproto_p)
| | 2 | No.2 Revision |
This is heavily plagiarized (stolen?) from the work of @cmaynard in Guacamole Dissector.
Coloring rule: tcp.port == myproto.ProtPort
-- 230401: Ask 31160 - Coloring Rules based on Preference
local myproto_p = Proto("myproto", "MyProtocol Protocol")
-- Default settings
local MYPROTO_TCP_PORT = 3000
-- Preferences
local myproto_settings = {
tcp_port = MYPROTO_TCP_PORT
}
myproto_p.prefs.tcp_port = Pref.uint("TCP port", myproto_settings.tcp_port,
"The MyProtocol TCP port number (default=" .. MYPROTO_TCP_PORT .. ")")
-------------------------------------------------------------------------
function myproto_p.prefs_changed()
if myproto_settings.tcp_port ~= myproto_p.prefs.tcp_port then
-- remove old one, if not 0
if myproto_p.prefs.tcp_port ~= 0 then
DissectorTable.get("tcp.port"):remove(myproto_settings.tcp_port, myproto_p)
end
-- set our new default
myproto_settings.tcp_port = myproto_p.prefs.tcp_port
-- add new one, if not 0
if myproto_settings.tcp_port ~= 0 then
DissectorTable.get("tcp.port"):add(myproto_settings.tcp_port, myproto_p)
end
end
end -- myproto_p.prefs_changed()
local pf = {
msgLen = ProtoField.int32("myproto.msglength", "Msg Length", base.DEC),
myprotoData = ProtoField.bytes("myproto.Data", "MyProtocol Data"),
myprotoPort = ProtoField.uint32("myproto.ProtPort", "MyProtocol Proto Port",base.DEC)
}
myproto_p.fields = pf
function myproto_p.dissector(buffer, pinfo, tree)
length = buffer:len()
pinfo.cols.protocol = myproto_p.name
subtree = tree:add(myproto_p)
subtree:add(pf.myprotoPort, myproto_settings.tcp_port)
subtree:add(pf.msgLen, length)
if length == 0 then return end
--do disector work here
end
local tcp_port = DissectorTable.get("tcp.port")
tcp_port:add(myproto_settings.tcp_port, myproto_p)