Record wireshark lua's bugs found by myself and some suggestion
来源:互联网 发布:常量数组初始化 编辑:程序博客网 时间:2024/06/10 01:02
1. Lua script can not get "data-text-lines" protocol data:
for example,
local dataline = Field.new("data-text-lines")
local data = dataline()
tostring(data.value) is not ok "FT_" error
This is fixed in 1.3.4, but data.range() is not ok, report "expired tvb" error.
2. Trying to use Field.new("tcp.segments") to get reassembled TCP data is failed.
Try xxx.value or xxx() get nil. I checked the source code, and find the reason is :
In packet-tcp.c, it set "tcp.segments" field to FT_NONE type;
Then in wslua_field.c, FT_NONE is converted to lua as nil.
My suggestion is to modify wslua_field.c->FieldInfo__call, to convert all FT_NONE to lua ByteArray just like FT_PROTOCOL that has been converted to ByteArray in 1.3.4.
Another bug about Field.new("tcp.segments") is xxx.range got "expired tvb" error too in reassembled tcp packet.
3. Suggest to expose http_dissector_add() of packet-http.c as a lua function. Such, user can use lua to write dissector to analyze protocol over http. Now we have to use the workaround to register http dissector to "tcp.port" dissectors table and register our own dissector to the same port in "http.port".
4. Suggest to expose pinfo.private_data as ByteArray of lua. Current Bug is tha wslua_pinfo.c exposes private_data as LIGHTUSERDATA. I think it is meaningless. Because that cause it can not be read by lua script.
5. Suggest to expose pinfo.match_string as ByteArray to lua script. Because some dissector, like http dissector, will put content-type to pinfo.match_string and content_type_parameters to pinfo.private_data, then invoke their subdissector (like "media_type" table's dissector). Certainly, now dissectors that register in "media_type" table can use Field.new("Content-Type") to get content-type value, and parsing it itself. But I think it is formal way to get it from match_string and private_data.
6. Suggest to expose pinfo.can_desegment to lua script or set its default to true. Because sometime we invoke standard dissector like http dissector in our own dissector, and we hope http dissector will return negative (and set pinfo.desegment_offset and pinfo.desegment_len) when it found it needs more packet to complete its dissection. But now, it can not happen, because pinfo.can_desegment default is 0 in lua script. (I don't very sure about this point)
- Record wireshark lua's bugs found by myself and some suggestion
- Some test code designed by myself
- Some suggestion
- Get Record(s) by Ids
- Some books recommended, and also a simple introduction of myself.
- Some suggestion for .net
- Ubuntu bash auto completion and suggestion for command not found
- gift to me by myself on 2012's new year
- Simple LinkedList by Myself and Gains using Rust
- [torch] some bugs
- [DataSet Error] Record not found or changed by another user
- clientdataset“Record not found or changed by another user”问题
- record not found or changed by another user 解决
- record not found or changed by another user 解决方法
- The chairmain's suggestion
- What are some recent major computer system failures caused by software bugs?
- All by Myself
- gtk by myself ------callback
- Mac tokend
- 4.28学习工作日志
- Android.自定义控件的实现_RadioButton 和RadioGroup
- “本架客机出现了一些故障,正在维修……”
- 梅西再演4大喜,巴萨横扫国米。
- Record wireshark lua's bugs found by myself and some suggestion
- 变量引用问题
- 应用实例:去掉字段中多个带区号电话号码前面的区号
- jsp notes
- c 与 c++中的time相关函数
- CIM
- Hierarchy of Classes
- 照相机(百度百科)
- VB.Net程序设计:桌面彩色直尺