This plugin is implemented using the Lua programming language. The Wireshark version that you use needs to have built-in support for Lua. You can check the same in Wireshark by clicking on the menu Help -> About Wireshark, and you should see a string with Lua .
The plugin has been tested on Wireshark version 2.2.6 with Lua 5.2.4 on Ubuntu and Mac OS X operating systems.
This project is still highly experimental and subject to breaking changes. Use it at your own risk.
You can start the Lua plugin with your Wireshark packet capture file as shown below:
$ wireshark -X lua_script:aerospike.lua file-capture.pcapng
You need to ensure that Lua support is not disabled in /etc/wireshark/init.lua:
disable_lua = false
If you would like the plugin to be loaded on startup, you can place the plugin in ~/.wireshark/plugins folder. You might also want to refer the "Plugin folders" section in the user guide:
https://www.wireshark.org/docs/wsug_html_chunked/ChPluginFolders.html
The Aerospike Wireshark Lua plugin is at lua/aerospike.lua.
You can also generate the aerospike.lua file using the following command:
$ less -f "docs/aerospike.lua.md" | lit2lua > lua/aerospike.lua
You can use luarocks to install lualit. The version of luarocks used is 2.2.0, and that of lualit used during development is 0.0.2-1.
Literate programming has been used to inline documentation with code in a Markdown format. The same is available at docs/aerospike.lua.md.
The following Aerospike wire protocols are supported:
Protocol |
---|
Info |
Message |
Heartbeat |
Batch |
You can run automated tests using the following commands from the tests/ folder:
$ cd tests
$ make clean && make test
luacov and luacov-console installed using luarocks are required to produce code coverage report. Running the tests will also generate the coverage summary report.
When using Wireshark version prior to 2.6.4, the following additional changes need to be done:
-
Update /usr/local/share/lua/5.1/luacov/hook.lua (or ~/.luarocks/share/lua/5.1/luacov/hook.lua) with:
- local name = debug.getinfo(level, "S").source
- local name = "@../lua/aerospike.lua"
-
If installing Luarocks packages to /usr, you need to give access to non-root user:
$ cd /usr/local/share/lua/5.1 $ sudo chmod a+r *
Source: lunarmodules/luacov#55 https://github.com/luarocks/luarocks/wiki/Using-LuaRocks
Please file GitHub issues if you find any bugs or have feature requests.
-
Wireshark with Lua support. https://wiki.wireshark.org/Lua#Getting_Started
-
Luarocks. https://luarocks.org/