| 2020-01-21 07:17:37 +0000 | received badge | ● Popular Question (source) |
| 2020-01-21 07:17:03 +0000 | marked best answer | Wireshark crashes in the “Enabled Protocols” dialog box Hello, I open the “Enabled Protocols” dialog box, press Disable All then Wireshark shut down... Is there another way to suppress all the Protocols ? |
| 2019-12-11 15:49:23 +0000 | asked a question | Wireshark crashes in the “Enabled Protocols” dialog box The “Enabled Protocols” dialog box Hello, I open the “Enabled Protocols” dialog box, press Disable All then Wireshark sh |
| 2019-07-03 11:18:11 +0000 | commented answer | print scope Here it is GIP.lua And some data in case : data_gip then running tshark -r test_210.pcapng -X lua_script:gip.lua -Q > |
| 2019-06-28 07:14:37 +0000 | received badge | ● Commentator |
| 2019-06-28 07:14:37 +0000 | commented answer | (suspected) retransmission Thank you for your expertise, it is very interresting for me. I still continue to analyze on my side |
| 2019-06-25 11:57:10 +0000 | received badge | ● Rapid Responder (source) |
| 2019-06-25 11:57:10 +0000 | answered a question | How to track packets from a certain ip? for example : (ip.src == 192.168.167.200) && (ip.dst == 192.168.167.205) where IP_SOURCE = 192.168.167.200 an |
| 2019-06-25 07:09:04 +0000 | commented answer | print scope Here it is GIP.lua And some data in case : data_gip then running tshark -r test_210.pcapng -X lua_script:gip.lua -Q > |
| 2019-06-21 11:42:00 +0000 | commented answer | (suspected) retransmission Hello grahamb, here it is: capture Frames 32,32,34,36 are not really retransmission I think ¯_(ツ)_/¯ |
| 2019-06-21 11:41:40 +0000 | commented answer | (suspected) retransmission Hello grahamb, here it is: capture Frames 32,32,34,36 are not really retransimmsion I think ¯_(ツ)_/¯ |
| 2019-06-21 11:41:09 +0000 | commented answer | (suspected) retransmission Hello grahamb, here it is: link text Frames 32,32,34,36 are not really retransimmsion I think ¯_(ツ)_/¯ |
| 2019-06-21 07:00:57 +0000 | commented answer | print scope Hello grahamb, I read your comment and took it into account, but my problem here is to understand why the printing is no |
| 2019-06-20 05:59:46 +0000 | received badge | ● Rapid Responder |
| 2019-06-20 05:59:46 +0000 | answered a question | print scope sorry I posted too fast. By doing the same test as cmaynard, I got the same problem; In fact I was running the following |
| 2019-06-19 14:21:45 +0000 | marked best answer | lua dissector not called Hello I wrote a lua dissector, which displays correcly most of the frames. But for the frames marked as "(suspected) retransmission" , the dissector is not invoke... How can I correct this ? |
| 2019-06-19 14:21:12 +0000 | marked best answer | How ProtoField name are displayed ? Hello, I made some definition : When it is displayed : ![https://www.dropbox.com/s/93bu0pbuan4moja/Capture.JPG?dl=0] I don't understand why one fied use "frameType" and the other "TGIP.chunk_count" and not "chunkCount" ? |
| 2019-06-19 14:20:49 +0000 | marked best answer | lua_scriptnum:argument My lua script works more or less. Now, I want to use it to write some of the extracted data to a XML file. I want to use the same script file, so I decided to test if there is argument send to the script.
My problem is that when I call from command line with : The arguments are not seen by the script, I suppose it is because I don't use -X option. With : I have an error : Gip.lua:34: bad argument #2 to 'Proto' (Proto_new: there cannot be two protocols with the same description) I suppose it is because the script is all ready loaded, and I call it again with -X. Do you any idea to solve this ? |
| 2019-06-19 14:20:49 +0000 | received badge | ● Scholar (source) |
| 2019-06-19 14:19:14 +0000 | asked a question | print scope print scope Hello, I'm a newbie for lua, even though lua is very powerful, fortunately there is the forum to find some a |
| 2019-06-19 13:37:48 +0000 | commented answer | lua_scriptnum:argument Thanks a lot , I had misread the documentation. Your comment on lua_script1 is interresting and relevant. Sure gui_ena |
| 2019-06-19 13:08:42 +0000 | asked a question | lua_scriptnum:argument lua_scriptnum:argument My lua script works more or less. Now, I want to use it to write some of the extracted data to a |
| 2019-06-19 13:02:15 +0000 | commented answer | (suspected) retransmission Because these lines display only raw data, and not "translated" through the dissector. For me these are not really retra |
| 2019-06-19 12:12:38 +0000 | commented answer | (suspected) retransmission When the preference is set to enable, the TCP dissector correctly reassembles the stream, that's fine !! But unfortunatl |
| 2019-06-19 10:00:16 +0000 | asked a question | (suspected) retransmission (suspected) retransmission Hello I wrote a lua dissector. For the frames marked as "(suspected) retransmission" , If |
| 2019-06-19 09:54:23 +0000 | edited question | lua dissector not called lua dissector not called Hello I wrote a lua dissector, which displays correcly most of the frames. But for the frames m |
| 2019-06-18 11:25:25 +0000 | received badge | ● Editor (source) |
| 2019-06-18 11:25:25 +0000 | edited question | lua dissector not called lua dissector not called Hello I wrote a lua dissector, which displays correcly most of the frames. But for the frames m |
| 2019-06-14 11:09:48 +0000 | commented answer | How ProtoField name are displayed ? Thank you very much, it is displayed correctly. I did not pay attention to that. |
| 2019-06-14 11:05:09 +0000 | received badge | ● Rapid Responder |
| 2019-06-14 11:05:09 +0000 | answered a question | lua dissector not called Disabling Allow subdissector to reassemble TCP stream works fine Do not call subdissectors for error pack |
| 2019-06-13 08:56:04 +0000 | asked a question | lua dissector not called lua dissector not called Hello I wrote a lua dissector, which displays correcly most of the frames. But for the frames m |
| 2019-06-13 07:07:02 +0000 | asked a question | How ProtoField name are displayed ? How ProtoField name are displayed ? Hello, I made some definition : frame_type = ProtoField.int16("TGIP.frame_type" , " |
Copyright Wireshark Foundation, 2017-2020 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.