{"id":27475356,"url":"https://github.com/pcolladosoto/dissectors","last_synced_at":"2025-04-16T06:42:20.944Z","repository":{"id":287684593,"uuid":"965481965","full_name":"pcolladosoto/dissectors","owner":"pcolladosoto","description":"A collection of handy Wireshark dissectors","archived":false,"fork":false,"pushed_at":"2025-04-13T09:28:43.000Z","size":18,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-13T10:30:04.583Z","etag":null,"topics":["lua","wireshark-dissector"],"latest_commit_sha":null,"homepage":"","language":"Lua","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pcolladosoto.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-13T09:06:29.000Z","updated_at":"2025-04-13T09:29:32.000Z","dependencies_parsed_at":"2025-04-13T10:30:11.550Z","dependency_job_id":null,"html_url":"https://github.com/pcolladosoto/dissectors","commit_stats":null,"previous_names":["pcolladosoto/dissectors"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcolladosoto%2Fdissectors","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcolladosoto%2Fdissectors/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcolladosoto%2Fdissectors/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pcolladosoto%2Fdissectors/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pcolladosoto","download_url":"https://codeload.github.com/pcolladosoto/dissectors/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249209412,"owners_count":21230500,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["lua","wireshark-dissector"],"created_at":"2025-04-16T06:42:20.531Z","updated_at":"2025-04-16T06:42:20.936Z","avatar_url":"https://github.com/pcolladosoto.png","language":"Lua","funding_links":[],"categories":[],"sub_categories":[],"readme":"# A collection of Wireshark dissectors\nWhen working in different projects one sometimes comes across lesser known protocols which don't\nhave the traction needed to have a full-fledged dissector shipped with Wireshark. When things\ndon't work the first impulse one usually has is to manually decode information in the payload,\nbut that'll only take you so far...\n\nAt some point it's common to decide a dissector would be quite a bit of help, so we roll our sleeves\nup and get to work. Thankfully, Wireshark's design allows for a quite seamless addition of new\ndissectors.\n\nWireshark allows one to write dissectors in two languages: C and Lua. The former is faster, but\nthe development overhead is much larger. Lua won't be as fast (although it **is** fast), but it's\nreally easy to whip something up in a shorter timespan. Unless absolutely necessary we'll\ndevelop our dissectors in Lua; besides, the language is quite nice!\n\n## Installing these dissectors\nWireshark is capable of reloading all Lua plugins seamlessly when running: these just need to be placed\nin the different plugin folders as documented [here](https://www.wireshark.org/docs/wsug_html_chunked/ChPluginFolders.html).\n\nThe general idea is to:\n\n1. Go to `Help –\u003e About Wireshark –\u003e Folders` and find your personal plugins folder so that you can copy Lua scripts there.\n1. Reload all the Lua plugins wither with the appropriate menu button or with `Ctrl+Shift+L` (`Cmd+Shift+L` on macOS).\n\nAfter that, the dissectors should be usable. If there's an error with the code it'll trigger an error window with relevant\ninformation.\n\n## Development resources\nWireshark's development guide offers a wealth of resources tremendously valuable for developing dissectors,\nincluding:\n\n1. [An overview on dissectors written in Lua](https://wiki.wireshark.org/Lua/Dissectors).\n1. [An explanation on functions for dissectors](https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Proto.html).\n1. [An explanation on acquiring packet information](https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Pinfo.html).\n1. [An explanation on functions for handling the packet buffer](https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tvb.html).\n1. [An explanation on adding information to the dissection tree](https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tree.html).\n\nThe guide on writing a dissector provided by Mika over [here](https://mika-s.github.io/wireshark/lua/dissector/2017/11/04/creating-a-wireshark-dissector-in-lua-1.html).\n\nAlso, bear in mind that you can always rely on the **Lua Console** under the `Tools` menu in the toolbar. You can see information\n`print()`ed from Lua scripts there and you can also evaluate any statement in Wiresharks context.\n\n## Available dissectors\n### IPbus\nThe IPbus protocol offers a control link for electronics and is widely used in the context of High Energy Physics. It's commonly\nleveraged to interact with the firmware running on FPGAs so that users can read out information and modify memory-mapped resources\nwhilst the firmware runs. You can access more information on IPbus over [here](https://ipbus.web.cern.ch).\n\nThis UPD-based protocol supports both little and big endian byte orderings and sports a reduced-yet-complete collection of messages.\n\nThis dissector has been developed as part of the Phase-II Upgrade of the ATLAS Liquid Argon Calorimeter Upgrade for the High-Luminosity\nLHC era.\n\nThe IPbus protocol specification is available [here](https://ipbus.web.cern.ch/doc/user/html/_downloads/d251e03ea4badd71f62cffb24f110cfa/ipbus_protocol_v2_0.pdf).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpcolladosoto%2Fdissectors","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpcolladosoto%2Fdissectors","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpcolladosoto%2Fdissectors/lists"}