Last active
August 1, 2021 21:14
-
-
Save geraldcombs/d38ed62650b1730fb4e90e2462f16125 to your computer and use it in GitHub Desktop.
Wireshark Lua postdissector that converts frame.time_delta_displayed to distance values.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- delta_distance.lua | |
| -- Add delta_distance.{copper,fiber}.{km,mi} fields | |
| -- By Gerald Combs <gerald@wireshark.org> | |
| -- Modified from https://wiki.wireshark.org/Lua/Examples/PostDissector | |
| -- My Wireshark Lua skills were getting rusty so I wrote this. There are | |
| -- probably mistakes. | |
| -- To use this script, place it in your personal Lua plugin directory. | |
| -- You can find that by going to "About → Folders". | |
| -- Links: | |
| -- Fractional speed of light in copper and fiber | |
| -- https://en.wikipedia.org/wiki/Velocity_factor | |
| -- The Lua programming language | |
| -- https://www.lua.org/ | |
| -- The Wireshark Developer's Guide Lua reference | |
| -- https://www.wireshark.org/docs/wsdg_html_chunked/wsluarm.html | |
| -- Wireshark Q&A | |
| -- https://ask.wireshark.org/ | |
| -- The Wireshark development mailing list | |
| -- wireshark-dev@wireshark.org | |
| -- | |
| -- Setup. | |
| -- The following code is run once during program startup | |
| -- | |
| -- Extract frame.time_delta_displayed. This will be added by the Frame | |
| -- dissector before delta_distance_p.dissector is called below. | |
| local delta_t_f = Field.new("frame.time_delta_displayed") | |
| -- Define the delta_distance protocol. | |
| -- This will show up at the bottom of the packet details in square brackets. | |
| local delta_distance_p = Proto("delta_distance", "Frame displayed delta distance") | |
| -- Define our fields. These will show up under delta_distance. | |
| local dd_cat6_km_field = ProtoField.float("delta_distance.cat6.km", "Cat 6 km") | |
| local dd_cat6_mi_field = ProtoField.float("delta_distance.cat6.mi", "Cat 6 mi") | |
| local dd_fiber_km_field = ProtoField.float("delta_distance.fiber.km", "Fiber km") | |
| local dd_fiber_mi_field = ProtoField.float("delta_distance.fiber.mi", "Fiber mi") | |
| -- Add our fields to delta_distance_p. | |
| delta_distance_p.fields = { dd_cat6_km_field, dd_cat6_mi_field, dd_fiber_km_field, dd_fiber_mi_field } | |
| -- Register delta_distance_p as a postdissector. | |
| register_postdissector(delta_distance_p) | |
| -- | |
| -- Post-dissection. | |
| -- The following code is run after each packet has been dissected. | |
| -- | |
| -- This is where we add items to the tree. | |
| function delta_distance_p.dissector(tvb, pinfo, tree) | |
| local delta_fld = delta_t_f() | |
| if delta_fld == nil then | |
| return | |
| end | |
| -- Speed of light in a vacuum. | |
| local c_vacuum_km_s = 299792 | |
| local c_vacuum_mi_s = 186282 | |
| -- Cat 6a velocity factor | |
| local cat_6a_vf = .65 | |
| -- Fiber velocity factor | |
| local fiber_vf = .67 | |
| -- Do some arithmetic and add our items to the tree. | |
| local distance_tree = tree:add(delta_distance_p) | |
| distance_tree:set_generated() | |
| local delta_t = delta_fld.value:tonumber() | |
| local dd_cat6_km = delta_t * c_vacuum_km_s * cat_6a_vf | |
| local dd_cat6_mi = delta_t * c_vacuum_mi_s * cat_6a_vf | |
| local dd_fiber_km = delta_t * c_vacuum_km_s * fiber_vf | |
| local dd_fiber_mi = delta_t * c_vacuum_mi_s * fiber_vf | |
| distance_tree:add(dd_cat6_km_field, dd_cat6_km):set_generated() | |
| distance_tree:add(dd_cat6_mi_field, dd_cat6_mi):set_generated() | |
| distance_tree:add(dd_fiber_km_field, dd_fiber_km):set_generated() | |
| distance_tree:add(dd_fiber_mi_field, dd_fiber_mi):set_generated() | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://gitlab.com/-/snippets/2156053 is probably more up to date.