tools: wireshark plugin does not dissect first SCION packet #4598
Assignees
Labels
bug
Something isn't working
Comments
|
Behavior before: Fixed behavior: |
FR4NK-W
added a commit
that referenced
this issue
Aug 14, 2024
This fixes bug #4598 where the first SCION packet in a capture is never dissected as a SCION packet. The filter function is (only) called on the first packet of the conversation (4-tuple) since we set the dissector for the conversation. To also dissect the initial packet of a conversation for which a heuristic dissector function is registered, the dissector has to be called explicitly at the end of the filter function when a packet matches. From the docs: https://www.wireshark.org/docs/wsdg_html/#lua_fn_proto_register_heuristic_listname__func_ >The function should perform as much verification as possible to ensure the payload is for it, and **dissect the packet** (including setting TreeItem info and such) only if the payload is for it, before returning true or false. Also look at the comments there: https://github.com/wireshark/wireshark/blob/master/test/lua/dissector.lua#L523 https://github.com/wireshark/wireshark/blob/afff4e02/test/lua/dissector.lua#L523
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After the switch to the heuristic SCION traffic identification in #4582 , the first SCION packet in a "conversation" (4-tuple) does not get dissected as SCION traffic, even though the packet is matched by the filter heuristics for SCION.
The text was updated successfully, but these errors were encountered: