This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Question about a lua dissector in TCP

0

Here is the thing.

  • source port is an ephemeral port and destination port is 5001 (iperf)
  • I'm trying to create a dissector which dissects the ACK packets from destination to source port.

Code 1.

      local tcp_dissector_table = DissectorTable.get("tcp.port")
      tcp_dissector_table:add(5001, my_proto)

with the code 1., it dissects only the packets from source to destination.

So I solved the problem with the code 2.

Code 2.

    function my_proto.dissector(buffer, pinfo, root)
      if f_tcp_srcport().value == 5001 then
      --my source
      end
    end
register_postdissector(my_proto)</code></pre><p>The question is 'why does the code 3. not work as it did like Code 1.?".</p><p>Code 3.</p><pre><code>local tcp_dissector_table = DissectorTable.get(&quot;tcp.port&quot;)

tcp_dissector_table:add(5001, my_proto)

asked 17 May ‘17, 22:41

ngn505's gravatar image

ngn505
6779
accept rate: 0%

edited 18 May ‘17, 00:48