On Fri, Mar 29, 2013 at 6:19 AM, Hadriel Kaplan <[email protected]>wrote:
> > Hi Cristian - thanks for example script! > Comments inline... > > > On Mar 20, 2013, at 1:11 PM, Cristian Constantin < > [email protected]> wrote: > > > hi! > > I attach a lua script that can extract and dump in a separate file > > isup payloads from either sigtran or ss7 packets. > > Do you have a sample capture file to test it against? The only ones I > have with ISUP don't have the data tag you're exporting. > cristian: you mean the pcap has sigtran packets and the test for the m3ua tag number fails? I could make the tag number configurable... the pcap is pretty large and I am not sure that I can share it. let me check it and I will get back to you. thanks. cristian > > > it can be used as an example on how to extract and manipulate binary > > fields from packets; > > I did not find any other one when I was looking for it. > > for using it you have to download and compile the "struct.so" module > from here: > > http://www.inf.puc-rio.br/~roberto/struct/ > > There are some others out there - some a superset of Roberto's, some > completely different. In your particular case I don't think you needed it > - you can convert a number to a little-endian 2-byte/short value with plain > Lua, and you can just write binary directly to a file too. > > For example instead of this: > > local len = len_number-16 > if(1==debug) then > print("isup len:", len) > end > -- use the i-th isup payload > len_bin = lib.pack('<H', len) > for b in string.gfind(len_bin, ".") do > file:write(b) > end > > Do this: > > local len = len_number-16 > file:write( string.char(len % 256, math.floor(len / 256)) ) > > -hadriel > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected]> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected] > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
