Differences

This shows you the differences between two versions of the page.

--- packet:wireshark [2026/02/20 14:58] – created 2m0mqn
+++ packet:wireshark [2026/02/20 15:27] (current) – [Introduction] 2m0mqn
@@ Line 1: / Line 1: @@
 ====== Introduction ======
-Wireshark is a useful tool for capturing and analysing network traffic. Out of the box it supports numerous protocols including AX.25, and can be extended to decipher many more,
+[[https://www.wireshark.org/| Wireshark]] is a useful tool for capturing and analysing network traffic. Out of the box it supports numerous protocols including AX.25, and can be extended to decipher many more,
 ====== AXUDP and AXTCP ======
 In order to handle encapsulated AX.25 it's necessary to use a small script to tell Wireshark which ports it should expect to find traffic on, and to decipher it.
+Either or both of these scripts can be installed in the Wireshark [[https://www.wireshark.org/docs/wsug_html/#ChPluginFolders|Personal Plugin Folder]].
+The ''udp_table:add'' or ''tcp_table:add'' lines can be repeated to process traffic on additional ports.
+===== ax25-udp.lua =====
+<code>
+--
+-- LUA script to handle AX.25 over UDP
+-- Copyright 2015 R.W. Stearn <[email protected]>
+--
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; either version 2
+-- of the License, or (at your option) any later version.
+--
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+--
+--
+-- load the udp.port table
+udp_table = DissectorTable.get( "udp.port" )
+-- get a handle to the AX.25 dissector
+proto_ax25 = Dissector.get( "ax25" )
+-- register AX.25 to handle udp port
+udp_table:add( 10093, proto_ax25 )
+</code>
+===== ax25-tcp.lua =====
+<code>
+-- LUA script to handle AX.25 over TCP
+-- Copyright 2015 R.W. Stearn <[email protected]>
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; either version 2
+-- of the License, or (at your option) any later version.
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-- GNU General Public License for more details.
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+--
+-- load the tcp.port table
+tcp_table = DissectorTable.get( "tcp.port" )
+-- get a handle to the AX.25 dissector
+proto_ax25 = Dissector.get( "ax25" )
+-- register AX.25 to handle tcp port
+tcp_table:add( 10093, proto_ax25 )
+</code>
 (source [[https://osqa-ask.wireshark.org/questions/41221/dissecting-ax25-included-in-udp-ip-payload-applying-existing-dissector/ |https://osqa-ask.wireshark.org/questions/41221/dissecting-ax25-included-in-udp-ip-payload-applying-existing-dissector/]] )