Wireshark has supported Lua scripting for some time now but I couldn't find many examples of it really being used, so I hacked together a dissector for the new radiotap format.
-- Imports 'radiotap'
radiotap_present = Field.new("radiotap.present")
-- Exports 'radiotap_mcs'
radiotap_mcs_proto = Proto("radiotap_mcs","Radiotap MCS extension postdissector")
mcs_F = ProtoField.string("radiotap_mcs.mcs","MCS")
radiotap_mcs_proto.fields = {mcs_F}
-- Dissector
function radiotap_mcs_proto.dissector(buffer,pinfo,tree)
local flags = radiotap_present();
local mcs_present = buffer(6,1):uint();
if (flags and mcs_present==8) then
local mcs = buffer(28,1):uint();
local subtree = tree:add(radiotap_mcs_proto,"MCS")
subtree:add(mcs_F,tostring(mcs));
end
end
-- register our protocol as a postdissector
register_postdissector(radiotap_mcs_proto)
This is my first attempt at Lua so apologies for rather a nasty bodge, but you get the idea...
No comments:
Post a Comment