So, I have written the following Lua script for my work but it does not show any output in the Wireshark console for TCP at 443.
local plugin = {}
function plugin.init() --I have initialized the plugins in the function
    plugin.rtt = {}
    plugin.window_sizes = {}
    plugin.congestion_window_size = 0
    plugin.slow_start_threshold = 0
    plugin.retransmit_threshold = 0
    plugin.packet_drops = 0
    plugin.throughput = 0
end
function plugin.process_packet(packet)
    --This is processing every TCP packet
    local rtt = packet:get_tcp_option("tcp_rtt")
    if rtt ~= nil then
        plugin.rtt[#plugin.rtt + 1] = rtt
    end
    local window_size = packet:get_tcp_option("tcp_window_size")
    if window_size ~= nil then
        plugin.window_sizes[#plugin.window_sizes + 1] = window_size
    end
    if packet.tcp.flags.syn then
        plugin.congestion_window_size = 2
    else
        plugin.congestion_window_size = math.min(plugin.congestion_window_size * 2, math.max(plugin.window_sizes[#plugin.window_sizes - 1], 1))
    end
    if packet.tcp.flags.ack then
        plugin.slow_start_threshold = plugin.congestion_window_size + 1
        plugin.retransmit_threshold = plugin.congestion_window_size / 2
    end
    if packet.tcp.flags.rst then
        plugin.congestion_window_size = 0
        plugin.packet_drops = 0
    end
    if packet.tcp.flags.fin then
        plugin.throughput = plugin.congestion_window_size / plugin.rtt[#plugin.rtt]
    end
    print("Results for packet:")
    print("RTT:", rtt)
    print("Congestion Window Size:", plugin.congestion_window_size)
    print("Slow Start Threshold:", plugin.slow_start_threshold)
    print("Retransmit Threshold:", plugin.retransmit_threshold)
    print("Packet Drops:", plugin.packet_drops)
    print("Throughput:", plugin.throughput)
end
function plugin.get_results()
    return {
        rtt = plugin.rtt,
        window_sizes = plugin.window_sizes,
        congestion_window_size = plugin.congestion_window_size,
        slow_start_threshold = plugin.slow_start_threshold,
        retransmit_threshold = plugin.retransmit_threshold,
        packet_drops = plugin.packet_drops,
        throughput = plugin.throughput
    }
end
return plugin
It has been days since I have tried fixing it but in vain. Where am I wrong?
This Lua script defines a network traffic analysis plugin. It processes TCP packets, and extracts and tracks various TCP-related metrics such as Round-Trip Time (RTT), window sizes, and congestion control parameters. It calculates and updates these metrics based on packet flags and options. The script also computes and prints results like congestion window size, thresholds, packet drops, and throughput for each packet. Finally, it provides a method to retrieve the collected metrics and results from the plugin. The main focus is on analyzing and monitoring TCP behaviour within a network.
You seem to have attempted to write a Wireshark Lua postdissector, but you didn't register it, nor did you implement it correctly. There's too much wrong to correct here, so I would suggest that you [re]read through the relevant pages of the Wireshark Developer's Guide (basically, chapters 10-11), and maybe consult some postdissector examples on the Wireshark Examples page, Wireshark Contrib page or examples from other places, such as Peter Wu's example.
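For reference, a minimal registered postdissector for TCP port 443, as an added example that is not part of the question or the answer above and is not a corrected version of the poster's script. The protocol name `tcpstats`, its field names and the `PORT` constant are hypothetical; it assumes Wireshark's default "Analyze TCP sequence numbers" preference is on so that the `tcp.analysis.*` fields exist.

```lua
-- Added example (hypothetical name "tcpstats"); load with:
--   wireshark -X lua_script:tcpstats.lua
-- Field extractors must be created at load time, outside the dissector.
local f_srcport = Field.new("tcp.srcport")
local f_dstport = Field.new("tcp.dstport")
local f_window  = Field.new("tcp.window_size")          -- scaled window from the TCP dissector
local f_ack_rtt = Field.new("tcp.analysis.ack_rtt")     -- only on ACKs Wireshark could match
local f_retrans = Field.new("tcp.analysis.retransmission")

local tcpstats   = Proto("tcpstats", "TCP Stats (example postdissector)")
local pf_window  = ProtoField.uint32("tcpstats.window", "Window size")
local pf_ack_rtt = ProtoField.double("tcpstats.ack_rtt", "ACK RTT (s)")
local pf_retrans = ProtoField.bool("tcpstats.retransmission", "Retransmission")
tcpstats.fields  = { pf_window, pf_ack_rtt, pf_retrans }

local PORT = 443          -- port of interest, taken from the question
local retransmissions = 0 -- running count across the capture

-- Called once per packet after all regular dissectors have run.
function tcpstats.dissector(tvb, pinfo, tree)
    local sport, dport = f_srcport(), f_dstport()
    if not sport or not dport then return end            -- not a TCP packet
    if sport.value ~= PORT and dport.value ~= PORT then return end

    local subtree = tree:add(tcpstats, "TCP stats (port " .. PORT .. ")")

    local win = f_window()
    if win then subtree:add(pf_window, win.value):set_generated() end

    local rtt, rtt_secs = f_ack_rtt(), nil
    if rtt then
        -- Relative-time fields are returned as NSTime objects.
        rtt_secs = rtt.value.secs + rtt.value.nsecs / 1e9
        subtree:add(pf_ack_rtt, rtt_secs):set_generated()
    end

    local is_retrans = f_retrans() ~= nil
    subtree:add(pf_retrans, is_retrans):set_generated()

    -- Packets are re-dissected when clicked or filtered; count and print only
    -- on the first pass so the totals are not inflated.
    if not pinfo.visited then
        if is_retrans then retransmissions = retransmissions + 1 end
        print(pinfo.number, "win=" .. tostring(win and win.value),
              "ack_rtt=" .. tostring(rtt_secs), "retrans_total=" .. retransmissions)
    end
end

-- Without this call Wireshark never invokes the dissector function.
register_postdissector(tcpstats)
```

The values come from fields the built-in TCP dissector already computes; congestion window and slow-start threshold are sender-side state that does not appear in the packet and so are not extracted here.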