In trying to use dissector/baichuan.lua (with tshark) to capture packets on the headless access point I found that it requires another module but there was not mention of how to make use of the dissector in any documentation.
$ tshark -P -w argusPT.pcap -i ap_soggy -f "ether host 38:ab:41:37:76:d2 or net 10.254.1.0/24 or broadcast"
tshark: Lua: Error during loading:
/home/tj/.local/lib/wireshark/plugins/baichuan.lua:229: module 'luagcrypt' not found:
no field package.preload['luagcrypt']
no file '/home/tj/.local/lib/wireshark/plugins/luagcrypt.lua'
no file '/home/tj/.local/lib/wireshark/plugins/luagcrypt.lua'
no file '/usr/lib/x86_64-linux-gnu/wireshark/plugins/luagcrypt.lua'
no file '/usr/local/share/lua/5.2/luagcrypt.lua'
no file '/usr/local/share/lua/5.2/luagcrypt/init.lua'
no file '/usr/local/lib/lua/5.2/luagcrypt.lua'
no file '/usr/local/lib/lua/5.2/luagcrypt/init.lua'
no file '/usr/share/lua/5.2/luagcrypt.lua'
no file '/usr/share/lua/5.2/luagcrypt/init.lua'
no file './luagcrypt.lua'
no file '/usr/local/lib/lua/5.2/luagcrypt.so'
no file '/usr/lib/x86_64-linux-gnu/lua/5.2/luagcrypt.so'
no file '/usr/lib/lua/5.2/luagcrypt.so'
no file '/usr/local/lib/lua/5.2/loadall.so'
no file './luagcrypt.so'
stack traceback:
[C]: in function 'require'
/home/tj/.local/lib/wireshark/plugins/baichuan.lua:229: in main chunk
Capturing on 'ap_soggy'
** (tshark:469588) 10:16:26.442766 [Main MESSAGE] -- Capture started.
** (tshark:469588) 10:16:26.443034 [Main MESSAGE] -- File: "argusPT.pcap"
I expected to find the missing luagcrypt.lua or luagcrypt.so packaged (in Debian) but it isn't. I found what appears to be the canonical module at https://github.com/Lekensteyn/luagcrypt but it has had no commits in 5 years and requires a separate build step to create a shared object.
So, on Debian and derivatives it needs:
sudo apt install lua5.2 liblua5.2-dev libgcrypt20-dev libgpg-error-dev
git clone https://github.com/Lekensteyn/luagcrypt.git
cd luagcrypt
make LUA_DIR=/usr
That generates luagcrypt.so which needs to be copied to /usr/local/lib/lua/5.2/
In trying to use
dissector/baichuan.lua
(withtshark
) to capture packets on the headless access point I found that it requires another module but there was not mention of how to make use of the dissector in any documentation.I expected to find the missing
luagcrypt.lua
orluagcrypt.so
packaged (in Debian) but it isn't. I found what appears to be the canonical module at https://github.com/Lekensteyn/luagcrypt but it has had no commits in 5 years and requires a separate build step to create a shared object.So, on Debian and derivatives it needs:
That generates
luagcrypt.so
which needs to be copied to/usr/local/lib/lua/5.2/
Additionally, the system where the dissector is used needs these packages installing (if not already present):
libgcrypt20 libgpg-error0