I'm writing lua script to dissect coap protocol. However I cannnot get coap options(URI-Path) of 2nd or later if there are several same options.
do
local test_proto = Proto("test_proto", "Test Protocol")
local test_uripath = ProtoField.string("test.uripath", "Uri-Path")
test_proto.fields = {test_uripath}
local coap_uripath = Field.new("coap.opt.uri_path")
function test_proto.dissector(tvbuffer, pinfo, treeitem)
local subtree = treeitem:add(test_proto)
subtree:add(test_uripath, tostring(coap_uripath().value))
end
register_postdissector(test_proto)
end
Only first URI-Path is displayed at subtree even if coap URI-Path option has several values like the following.
Opt Name: #1: URI-Path: XXX
Opt Name: #2: URI-Path: YYY
I can only get XXX by using coap.opt.uri_path. How can I get 2nd or later same option fields?
If you're interested in all fields and not just the first one, then you'll need to process the entire table. For example:
do
local test_proto = Proto("test_proto", "Test Protocol")
local test_uripath = ProtoField.string("test.uripath", "Uri-Path")
test_proto.fields = {test_uripath}
local coap_uripath = Field.new("coap.opt.uri_path")
function test_proto.dissector(tvbuffer, pinfo, treeitem)
local subtree = treeitem:add(test_proto)
local coap_uripath_table = { coap_uripath() }
for i,uripath in ipairs(coap_uripath_table) do
subtree:add(test_uripath, tostring(uripath.value))
end
end
register_postdissector(test_proto)
end
See also:
https://osqa-ask.wireshark.org/questions/35682/lua-accessing-multiple-smb2msg_id-values
https://osqa-ask.wireshark.org/questions/1579/fetching-multiple-named-values-with-lua