bubbasnmp
commented
2 years ago Below is my system details
Wireshark Version 1.10.14 CentOS Linux release 7.5.1804 (Core)
sflow.enterprise and sflow.counters_sample.XXX did not exist until Wireshark 1.12.0.
Wireshark Display Filter Reference: sflow: [InMon sFlow](https://www.wireshark.org/docs/dfref/s/sflow.html) (1.0.0 to 3.6.3, 372 fields)
sflow.enterprise | Enterprise | Unsigned integer, 4 bytes | 1.12.0 to 3.6.3
sflow.counters_sample.XXX| Counters records | Unsigned integer, 4 bytes | 1.12.0 to 3.6.3
-- These are the fields we are going to extract
-- They must be explicitly listed in order to tell wireshark to dissect them
local required_fields = {}
for _, f in ipairs({"sflow_245.version",
"sflow_245.sysuptime",
"sflow_245.agent",
"sflow_245.numsamples",
"sflow.enterprise",
"sflow_245.sampletype",
"sflow_5.sample_length",
"sflow_5.flow_data_length",
"sflow.counters_sample.sequence_number",
"sflow.counters_sample.source_id_type",
"sflow.counters_sample.source_id_index",
"sflow.counters_sample.counters_records",
"sflow_245.counters_record_format",
"sflow_245.flow_record_format",
"sflow_245.ifindex",
"sflow_245.ifspeed",
"sflow_245.ifinoct",
"sflow_245.ifoutoct",
"sflow_245.header_protocol",
"sflow.flow_sample.source_id_class",
"sflow.flow_sample.index",
"sflow.flow_sample.flow_record",
"sflow.flow_sample.sampling_rate",
"eth.type", "ip.src", "ip.dst", "ip.len"}) do
required_fields[f] = Field.new(f)
end
Hello There,
Below is my system details
I am placing the sflow_tap.lua into /usr/lib64/wireshark/plugins/1.10.14
Upon launching Wireshark I got the following error,
Can anyone help?
Thank you very much!
Rgds, YeongWei