1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
This is an interface to the Lua programming language.
http://www.lua.org
To get it to work you need to download lua-5.0.2.tar.gz into the plugin
directory, uncompress it, cd to it and call make.
The interface is buggy and far from finished, time will help on this.
Interface:
ValueString -- a class to manage value_strings
.new() -- create a new empty Valuetring
:add(val,str) -- add a value-string pair to a ValueString
:match(val) -- a wrapper arroud val_to_str()
ProtoField -- a class that represents registration info of fields.
.new(name,fieldname,FT_,value_str*,BASE_*,desc*)
-- declare a field (both the hfid and the registration info)
ProtoFieldArr -- a class that represents the field_array of a protocol.
.new() -- creates an empty field array to start with
:add(field,field*,...) -- adds fields to the array
SubTreeType -- a class to represent an ett
:new() -- create an ett
SubTreeTypeArr -- a class that represents the ett array for a protocol
.new(subtree*,...) -- creates an array
:add(subtree*,...) -- adds Etts to the array
:register() -- registers the ett array with wireshark
Proto -- a class that represents protocol info in wireshark
.new(name,filter_name,descr) -- creates and registers a new protocol
:register_field_array(field_array) -- registers a field array as this protocol's
:add_uint_pref(abbr,...) -- adds an uint preference to this protocol
:add_bool_pref(abbr,...) -- adds a string preference to this protocol
:add_string_pref(abbr,...) -- adds an bool preference to this protocol
:get_pref(abbr) -- fetches the value of a preference
DissectorTable -- a class to intreface to dissector tables
.new(name,ui_name,type,opt_base) -- create a dissector table for others to register
.get(name) -- obtain a reference to another's dissector table
:add(pattern,proto) -- add a protocol to a table (*)
:try(pattern,tvb,pinfo,tree) -- try to invoke a dissector through a table
Dissector -- a class that represent another dissector
.get(name) -- wraps find_dissector
:call(tvb,pinfo,tree) -- calls a dissector
ByteArray -- a class to manage byte arrays
.new()
.new(string) -- like "00 01 22 2a" or "0129374AF5D"
:get_index(idx) -- gets the value of the idx byte from the array
:len() -- the length of the array
Tvb -- a class that represents a tvb
.new(tvb,opt_offset,opt_len) -- creates a subset tvb
:get_* -- wrappers to tvb_get_* functions
Pinfo -- a class that represents a packet_info structure
:number -- the frame number
:len -- the frame len
:caplen -- the frame capture len
:abs_ts -- absolute timestamp a floating number (s + ns/10^9)
:rel_ts -- relative timestamp
:delta_ts -- delta
:visited -- pinfo->fd->flags.visited
:src_address -- so far a string representing the address
:dst_address -- we need an adress class!
:dl_src
:dl_dst
:net_src
:net_dst
:ipproto
:circuit_id
:ptype
:match_port
:match_string
:curr_proto
:col -- colifo = pinfo:col(COL_INFO)
Column -- a class that represents a column
:clear
:set
:append
:prepend
Tree -- a class that represents a proto_tree
:add_item -- overeloaded to accept many types of items, stil incomplete
:add_item_le -- same thing but little_endian
:get_parent -- yields the parent Item
Item -- a class that represents a proto_item
:add_subtree
:set_text
:append_text
:set_len
:set_expert_flags
:set_generated
:set_hidden
|
