问题
I have packet with trailer data after the packet as in ixia timestamp trailer. I am trying to write a dissector for Wireshark that is quite the same as ixia-packet_trailer plugin. https://raw.githubusercontent.com/boundary/wireshark/master/epan/dissectors/packet-ixiatrailer.c
But i wanted to write in Lua, so it is easiest to change. So i replace the C line
heur_dissector_add("eth.trailer", dissect_ixiatrailer, proto_ixiatrailer);
by the following in the Lua
eth_table = DissectorTable.get("eth.trailer")
But i got error from Wireshark "bad argument to get (DissectorTable_get no such dissector table)"
回答1:
Since "eth.trailer" is registered as a heuristic list (see packet-eth.c), I think you'll probably need to follow the example provided here: https://mika-s.github.io/wireshark/lua/dissector/2018/12/30/creating-port-independent-wireshark-dissectors-in-lua.html
Basically, I think you're going to need to do something like so:
your_protocol:register_heuristic("eth.trailer", heuristic_checker)
... where heuristic_checker is the function that checks if the trailer is in fact for your dissector or not.
来源:https://stackoverflow.com/questions/55442124/wireshark-lua-dissector-plugin-table-error