Hello, I have Wireshark version: 1.12.3 on windows 7. I have a pcap file and a lua file. Are there any links which explains the steps to load lua file ? On Windows I see "Lua" pull down but no where to load lua file itself. I tried updating init.lua: dofile("test.lua") but do not see that being invoked. Any suggestions ? asked 27 Jan '15, 12:33  foomail123 |
One Answer:
See this wiki link. answered 27 Jan '15, 12:43  Hadriel |
Thank you for pointer. I had seen that link. Per instructions, I followed I did add (in file init.lua) as above: dofile("test.lua")
I do not see the string printed on console. How do I know if lua script is loaded by wireshark or not to begin with ?
The other question the link above mentions 'tshark' command line executable/script. It does not exist on Windows as I see.
Any suggestions ?
I
The link above doesn't say to add it to the
init.luafile usingdofile(), but now that I look at it it also doesn't say what you should do, which is actually to just put your Lua file in the Personal Plugins directory. That directory is the one labeled "Personal Plugins" when you run Wireshark and go to the Help menu, select "About Wireshark", and click on the "Folders" tab.But anyway,
dofile()should also work, and if it's not working then it's one of a few possibilities:init.luafile you put it in isn't being executed. One reason this might be is if the Wireshark you're running doesn't have Lua compiled in. To find out, in Wireshark choose "About Wireshark" in the Help menu, and on the first tab it will say if Lua is in or out in the third paragraph (along with all the other compiled information).init.luafile you put thatdofile()in is the wronginit.luafile.One way to help diagnose this is if you put something like the following before the
dofile("my file")line in theinit.lua:That will make a dialog window pop up, with that "before dofile" title and a text field. If you don't see that dialog window, then it's not even getting to the
dofile()call. Note that the dialog window might be hidden behind the Wireshark GUI window (because the dialog will pop up first but then wire shark's main guy window will pop up right afterwards in front of it), so move the main Wireshark window out of the way to see if the dialog window is there.I don't use Windows, but
tsharkis a command line program - so you need to be at a command prompt, such as by going to Start->Run->"cmd" or whatever. Or check this link.tshark is part of the optional components in Windows installer. If you cannot find it in your Wireshark folder, it means that it was unchecked during installation (it is checked by default).
Also note that the Wireshark directory isn't automatically added to your path on install, so when using tshark you must either:
C:\Program Files\Wireshark\tshark ....New-Alias tshark path\to\toshark