Home/ Questions/Q 7418565
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T07:54:38+00:00

I’m working on a wireshark dissector in lua to dissect a custom protocol that

  • 0

I’m working on a wireshark dissector in lua to dissect a custom protocol that is based on 802.15.4. Unfortunately I cannot figure out the right DissectorTable name:

table = DissectorTable.get("wpan") -- wpan does not work
table:add(0, myProto) -- I'm unsure about the first argument here

What dissector table name do I have to use to create the described dissector? and what goes as a first argument for the add function?

Thanks in advance!

EDIT

I figured out that I have to do it this way:

table = DissectorTable.get("wtap_encap")
table:add(104, myProto)

where 104 stands for 802.15.4.

I found it by looking in wireshark -> internals -> dissector table

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    To add to Martin’s answer, you can also use the wtap table (which contains these integer constants) from init.lua like so:

    table:add(wtap["IEEE802_15_4"], myProto)
table:add(wtap["IEEE802_15_4_NOFCS"], myProto)

    From /usr/share/wireshark/init.lua (Windows: %PROGRAMFILES%\Wireshark\init.lua) :

    wtap = {
    ["UNKNOWN"] = 0,
    ["ETHERNET"] = 1,
    ["TOKEN_RING"] = 2,
    ["SLIP"] = 3,
    ["PPP"] = 4,
    ["FDDI"] = 5,
    ["FDDI_BITSWAPPED"] = 6,
    ["RAW_IP"] = 7,
    ["ARCNET"] = 8,
    ["ARCNET_LINUX"] = 9,
    ["ATM_RFC1483"] = 10,
    ["LINUX_ATM_CLIP"] = 11,
    ["LAPB"] = 12,
    ["ATM_PDUS"] = 13,
    ["ATM_PDUS_UNTRUNCATED"] = 14,
    ["NULL"] = 15,
    ["ASCEND"] = 16,
    ["ISDN"] = 17,
    ["IP_OVER_FC"] = 18,
    ["PPP_WITH_PHDR"] = 19,
    ["IEEE_802_11"] = 20,
    ["PRISM_HEADER"] = 21,
    ["IEEE_802_11_WITH_RADIO"] = 22,
    ["IEEE_802_11_WLAN_RADIOTAP"] = 23,
    ["IEEE_802_11_WLAN_AVS"] = 24,
    ["SLL"] = 25,
    ["FRELAY"] = 26,
    ["FRELAY_WITH_PHDR"] = 27,
    ["CHDLC"] = 28,
    ["CISCO_IOS"] = 29,
    ["LOCALTALK"] = 30,
    ["OLD_PFLOG"] = 31,
    ["HHDLC"] = 32,
    ["DOCSIS"] = 33,
    ["COSINE"] = 34,
    ["WFLEET_HDLC"] = 35,
    ["SDLC"] = 36,
    ["TZSP"] = 37,
    ["ENC"] = 38,
    ["PFLOG"] = 39,
    ["CHDLC_WITH_PHDR"] = 40,
    ["BLUETOOTH_H4"] = 41,
    ["MTP2"] = 42,
    ["MTP3"] = 43,
    ["IRDA"] = 44,
    ["USER0"] = 45,
    ["USER1"] = 46,
    ["USER2"] = 47,
    ["USER3"] = 48,
    ["USER4"] = 49,
    ["USER5"] = 50,
    ["USER6"] = 51,
    ["USER7"] = 52,
    ["USER8"] = 53,
    ["USER9"] = 54,
    ["USER10"] = 55,
    ["USER11"] = 56,
    ["USER12"] = 57,
    ["USER13"] = 58,
    ["USER14"] = 59,
    ["USER15"] = 60,
    ["SYMANTEC"] = 61,
    ["APPLE_IP_OVER_IEEE1394"] = 62,
    ["BACNET_MS_TP"] = 63,
    ["NETTL_RAW_ICMP"] = 64,
    ["NETTL_RAW_ICMPV6"] = 65,
    ["GPRS_LLC"] = 66,
    ["JUNIPER_ATM1"] = 67,
    ["JUNIPER_ATM2"] = 68,
    ["REDBACK"] = 69,
    ["NETTL_RAW_IP"] = 70,
    ["NETTL_ETHERNET"] = 71,
    ["NETTL_TOKEN_RING"] = 72,
    ["NETTL_FDDI"] = 73,
    ["NETTL_UNKNOWN"] = 74,
    ["MTP2_WITH_PHDR"] = 75,
    ["JUNIPER_PPPOE"] = 76,
    ["GCOM_TIE1"] = 77,
    ["GCOM_SERIAL"] = 78,
    ["NETTL_X25"] = 79,
    ["K12"] = 80,
    ["JUNIPER_MLPPP"] = 81,
    ["JUNIPER_MLFR"] = 82,
    ["JUNIPER_ETHER"] = 83,
    ["JUNIPER_PPP"] = 84,
    ["JUNIPER_FRELAY"] = 85,
    ["JUNIPER_CHDLC"] = 86,
    ["JUNIPER_GGSN"] = 87,
    ["LINUX_LAPD"] = 88,
    ["CATAPULT_DCT2000"] = 89,
    ["BER"] = 90,
    ["JUNIPER_VP"] = 91,
    ["USB"] = 92,
    ["IEEE802_16_MAC_CPS"] = 93,
    ["NETTL_RAW_TELNET"] = 94,
    ["USB_LINUX"] = 95,
    ["MPEG"] = 96,
    ["PPI"] = 97,
    ["ERF"] = 98,
    ["BLUETOOTH_H4_WITH_PHDR"] = 99,
    ["SITA"] = 100,
    ["SCCP"] = 101,
    ["BLUETOOTH_HCI"] = 102,
    ["IPMB"] = 103,
    ["IEEE802_15_4"] = 104,
    ["X2E_XORAYA"] = 105,
    ["FLEXRAY"] = 106,
    ["LIN"] = 107,
    ["MOST"] = 108,
    ["CAN20B"] = 109,
    ["LAYER1_EVENT"] = 110,
    ["X2E_SERIAL"] = 111,
    ["I2C"] = 112,
    ["IEEE802_15_4_NONASK_PHY"] = 113,
    ["TNEF"] = 114,
    ["USB_LINUX_MMAPPED"] = 115,
    ["GSM_UM"] = 116,
    ["DPNSS"] = 117,
    ["PACKETLOGGER"] = 118,
    ["NSTRACE_1_0"] = 119,
    ["NSTRACE_2_0"] = 120,
    ["FIBRE_CHANNEL_FC2"] = 121,
    ["FIBRE_CHANNEL_FC2_WITH_FRAME_DELIMS"] = 122,
    ["JPEG_JFIF"] = 123,
    ["IPNET"] = 124,
    ["SOCKETCAN"] = 125,
    ["IEEE802_11_NETMON_RADIO"] = 126,
    ["IEEE802_15_4_NOFCS"] = 127,
    ["RAW_IPFIX"] = 128,
    ["RAW_IP4"] = 129,
    ["RAW_IP6"] = 130,
    ["LAPD"] = 131,
    ["DVBCI"] = 132,
    ["MUX27010"] = 133,
    ["MIME"] = 134,
    ["NETANALYZER"] = 135,
    ["NETANALYZER_TRANSPARENT"] = 136,
    ["IP_OVER_IB"] = 137
}
    • 0