In Wireshark Lua Dissectors page: https://wiki.wireshark.org/Lua/Dissectors
It said: A TvbRange represents a usable range of a Tvb and is used to extract data from the Tvb that generated it. TvbRanges are created by calling a Tvb (e.g. 'tvb(offset,length)'). If the TvbRange span is outside the Tvb's range the creation will cause a runtime error.
-- trivial protocol example
-- declare our protocol
trivial_proto = Proto("trivial","Trivial Protocol")
-- create a function to dissect it
function trivial_proto.dissector(buffer,pinfo,tree)
pinfo.cols.protocol = "TRIVIAL"
local subtree = tree:add(trivial_proto,buffer(),"Trivial Protocol Data")
subtree:add(buffer(0,2),"The first two bytes: " .. buffer(0,2):uint())
subtree = subtree:add(buffer(2,2),"The next two bytes")
subtree:add(buffer(2,1),"The 3rd byte: " .. buffer(2,1):uint())
subtree:add(buffer(3,1),"The 4th byte: " .. buffer(3,1):uint())
end
-- load the udp.port table
udp_table = DissectorTable.get("udp.port")
-- register our protocol to handle udp port 7777
udp_table:add(7777,trivial_proto)
The expresion "buffer(2,1)" create a TvbRanges from a Tvb object,what's the syntax in lua? Here ,we pass two parameter to a object, not a function, what's mean, how to implement it?
When you try to call something that's not a function, Lua looks for a __call metamethod on it, and calls that instead if it exists. For this particular object, https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tvb.html#lua_fn_tvb___call__ says it's equivalent to calling the :range() method on it, e.g., you could replace buffer(2,2) with buffer:range(2,2).