Question
I have a custom dissector (written in Lua) that I am using in many aspects of my current project.
I would also like to write a tap to perform some specific calculations for a particular task. I would like to keep this separate from the general purpose dissector for purposes of modularity.
Is there a way to invoke a dissector and a tap, both written in Lua, from the tshark command line? More generally, can an arbitrary number of Lua scripts be invoked, and if so, will they get invoked in the correct order?
EDIT: I have tried invoking the two scripts from the command line:
https://stackoverflow.com/questions/21757878
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiantshark -Xlua_script:my_diss.lua -Xlua_script:my_tap.lua -r my.pcap
But I get an error:
tshark: Lua: Error during loading:
[string "my_tap.lua"]:9: bad argument #1 to 'new' (Field_new: a field with this name must exist)
The field name that this line refers to is created in my_diss.lua, but it is apparently not visible when my_tap.lua is being loaded.
Solution 2
This is now supported in the wireshark codebase (version 1.8.5). I built from source and was able to get the desired behavior.
The relevant issue is: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6020
The relevant commit is: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47877
OTHER TIPS
That would require that the "initialize Lua" code in libwireshark be told which Lua scripts are dissectors and which Lua scripts are taps, and load them at the appropriate time so that, for example, all dissectors are loaded before all taps.
That means Wireshark would have to be changed; please file an bug at the Wireshark Bugzilla for this.
