I am currently working on a homemade USB protocol to get to know dissectors in wireshark.
I have written my dissector with Lua and added it to wireshark but I don't really understand the dissector table and especially how to apply my homemade protocol. Here is my code:
rssi_protocol = Proto("RSSI", "RSSI protocol")
header = ProtoField.ubytes("rssi.header", "Header", base.NONE)
Rx = ProtoField.uint8("rssi.rx", "Reception time", base.HEX)
Tx = ProtoField.uint8("rssi.tx", "Transmission time", base.HEX)
Power = ProtoField.uint8("rssi.power", "Power Attenuation", base.HEX)
RSSI1 = ProtoField.uint8("rssi.1", "First RSSI", base.HEX)
RSSI2 = ProtoField.uint8("rssi.2", "Second RSSI", base.HEX)
RSSI3 = ProtoField.uint8("rssi.3", "Third RSSI", base.HEX)
rssi_protocol.fields = {header, Rx, Tx, Power, RSSI1, RSSI2, RSSI3}
function rssi_protocol.dissector(buffer, pinfo, tree)
length = buffer:len()
if length == 0 then return end
pinfo.cols.protocol = rssi_protocol.name
local subtree = tree:add(rssi_protocol, buffer(), "RSSI Protocol Data")
subtree.add(header, buffer(0, 19))
subtree.add(Rx, buffer(19, 1))
subtree.add(Tx, buffer(20,1))
subtree.add(Power, buffer(21,1))
subtree.add(RSSI1, buffer(22, 1))
subtree.add(RSSI2, buffer(23,1))
subtree.add(RSSI3, buffer(24,1))
end
DissectorTable.get(<TABLE>)add(<VALUE>, rssi_protocol)
I want my protocol to interpret the red selection. And I have no idea which DissectorTable I should use to compute that part. Any ideas?
It may be relevant, I working on a virtual machine and tracing the usbmon2 to get my data.
Cheers.
OK, I know what I was doing wrong. I thought the dissector table was correlated to the information we can see in the footer when selecting a field, e.g usb.bus_id or usb.unused_setup_header. It's not.
I have also finally found the menu View -> Internal -> Dissector table in the new wireshark version which gives us all available dissector.