Then we need to build tshark (to build the GUI): Make -j $(grep processor /proc/cpuinfo | wc -l)įor more info have a look at the official POSIX installation guide.
How to integrate it with Wireshark On Linuxįirst, we need to build and install LuaJIT: I also used it to analyze two years of traffic and compared the results with the ones generated by Lua 5.2 and found no differences. True this is not as impressive as the aforementioned 110x but still such an improvement with almost no code changes is still impressive. Using it increased the performance of my dissectors by 1.7x. In my case I only had to replace \x notation with \ddd in one of my dissectors. This means you will have to replace Lua 5.2 features from your dissector. The only downside is that it implements Lua 5.1.4 whereas Wireshark is also compatible with Lua 5.2. It also has big company sponsors which rely on it. It is a Just-In-Time compiler for Lua which can give even a 110x boost depending on the algorithm. Luckily there is a way, and it’s called LuaJIT. I plan to rewrite them using the ASN.1 generator but until then, is there some way to boost my Lua dissectors without or with minimal changes? What I know though is that load time (Edit -> Preferences -> Appearance -> Layout -> Show file load time) is about 50 times slower when my Lua Dissectors are enabled. The only comparison I have found is in Graham Bloice’s Writing-a-Wireshark-Dissector presentation in SharkFest’13. Since I have only written dissectors in Lua, I cannot make comparisons. Writing a Wireshark Dissector using Lua might be the easier than using C but there is a performance penalty.
0 kommentar(er)
