Not pretty but gets the job done.
Adds a new field frame_modulo.remainder. Display filter: frame_modulo.remainder == "0"
-- frame_modulo.lua
-- add field for modulo remainder
-- https://ask.wireshark.org/question/25833/is-there-any-way-to-obtain-every-2nd-3th-7th-etc-packet/
local frame_modulo_info =
{
version = "1.0.0",
author = "Chuck Craft",
description = "Add modulo remainder field. Add menu to request divisor.",
}
set_plugin_info(frame_modulo_info)
-- we create a "protocol" for our tree
local frame_modulo_p = Proto("frame_modulo","Frame number modulo remainder")
-- we create our fields
local frame_modulo_field = ProtoField.string("frame_modulo.remainder", "Frame number modulo remainder")
-- we add our fields to the protocol
frame_modulo_p.fields = { frame_modulo_field }
local modulo_divisor = 1
-- let's do it!
function frame_modulo_p.dissector(tvb,pinfo,root)
local tree = nil
-- add our proto if we haven't already
if not tree then
tree = root:add(frame_modulo_p)
end
tree:add(frame_modulo_field, pinfo.number % modulo_divisor)
end
-- then we register frame_modulo_p as a postdissector
register_postdissector(frame_modulo_p)
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Add new item to Tools menu
local function dialog_menu()
local function dialog_func(local_divisor)
local window = TextWindow.new("Modulo divisor");
local message = string.format("Divisor set to %d. Reload capture file to apply.", local_divisor);
window:set(message);
modulo_divisor = local_divisor
end
new_dialog("Enter modulo divisor",dialog_func,"Divisor")
end
-- Create the menu entry
register_menu("Modulo packets",dialog_menu,MENU_TOOLS_UNSORTED)
