Custom Tag Dissector in LUA

Hi,

I am trying to build a custom tag Dissector in Lua for the type of packets mentioned in the link below. There are other custom tags like these with different Ether types. http://webmedia.company.ja.net/content/documents/shared/networkshop310309/reid_carrierethernet.pdf.

So the packet looks like One or more VLAN tag is followed by one or more custom tags. These tags are indicated by the corresponding ether type values (2 bytes) followed by 2 or 4 bytes specific to the tags. After these 4 or 6 bytes, normal flow follows as indicated by Ether type- IPv4 or IPv6 then TCP. I invoke the custom dissector based on the ether type like below:

local Tags_Table = DissectorTable.get("ethertype") Tags_Table:add(CUSTOM_TAG_TYPE, p_customtag)

Once this is done, I want wireshark built-in dissector to take over for IP and TCP processing (say). To do this I add the following code (I am not checking the Ether type value for now which I will add later):

local ip_dis = Dissector.get("ip") ip_dis:call(buf(2):tvb(), pinfo, root)

But the problem is it stops at IP level and does not dissect TCP level. Now my questions are:

1. First of all, whether whatever I am trying to do is possible in LUA?
2. Is there any other better way of implementing this?
3. How do I pass the control back to existing wireshark dissector after custom tag decoding for the rest of processing (ethernet type, ipv4/ipv6/arp, tcp/udp) ?

This is a type of dissector chaining: 1. First wireshark built-in Ethernet dissector to decode DA, SA, VLAN(s) 2. My custom tag dissector to dissect tags 3. Back to built-in wireshark dissector to decode rest of the packet IP, TCP etc

Appreciate your response on this.

Thanks, Kanak

Here is the link with few sample packets, complete lua code, pdf file and a file with more sample packets. https://drive.google.com/folderview?id=0B_-ushz_LzVxQXpwbDR3UHpfYm8&usp=sharing