How to handle bit fields in Wireshark Lua dissector?

Question

I need to dissect a bit mapped octet in a Wireshark lua dissector. The octet has format:

bit 0:     Concatenation (0=No concatenation, 1=Concatenation)
bits 1..3: Reserved
bits 4..7: Version

I have successfully dissected it with:

Concatenation_F = ProtoField.uint8("Concatenation", "Concatenation", base.DEC, NULL, 0x1)
Version_F = ProtoField.uint8("Version", "Version", base.DEC, NULL, 0xF0)

my_protocol.fields = { Concatenation_F,
                   Version_F
}

<snip>

local Concatenation_range = buffer(0,1)
local Version_range = buffer(0,1)

local Concatenation = Concatenation_F:uint()
local Version = Version_range:uint()

subtree:add(Concatenation_F, Concatenation_range, Concatenation)
subtree:add(Version_F, Version_range, Version)

That works, but I would like to show the meaning of the Concatenation field, like:

but to do that I need to get the value of the Concatenation bit. How can I do that?

Answer 1

There are 2 solutions. Normally you'd just introduce a valuestring and use it in your ProtoField call. For example:

local yesno_types = {
    [0] = "No",
    [1] = "Yes"
}

Concatenation_F = ProtoField.uint8("Concatenation", "Concatenation", base.DEC, yesno_types, 0x1)

Refer to section 11.6.7. ProtoField of the Wireshark Developer's Guide for more information.

But if you still want to get the value of the bitfield, then you can do so using Lua BitOp support, which is already available to you. So, something like this:

local function get_concat(x) return bit.band(x, 0x01) end

local concat = get_concat(buffer(0, 1):uint())