Cant find wireshark's init.lua on my CentOS machine

Question

So I'm trying to get a script working with tshark on my CentOS 7 server, but I'm having problems. The script works fine on my Windows laptop, I just put it in the plugins folder in appdata, but I can't find the similar location on linux. I used yum to download wireshark, and I have the program in another of my folders, but I can't find either of the init.lua files or the plugins folder.

When I use tshark -v it tells me it is built "with Lua 5.1" so I know that's not the problem, but I have no idea where to go from here. Any suggestions?

Answer 1

I'm in the Centos/RHEL camp here as well. I couldn't find init.lua anywhere. The about information was saying that lua should be available but it wasn't anywhere on the menus.

Eventually I found it! It's a part of the devel package which is additional to the base wireshark install package.

yum install -y wireshark-devel

Now I have init.lua and my custom lua dissectors are working.

Note Wireshark package provided by Redhat/Rocky/Centos as of RHEL 8 no longer supports Lua at all. My investigations revealed that they just "left it out" because there was conflicts between the version of Lua used in Wireshark and the one supported by the OS. The only way I could resole this for myself was to do a custom build with Lua enabled. It may also be possible to install from an alternative source.

Answer 2

Sadly CentOS, Fedora, Oracle Linux, and RHEL (as of today) do not include init.lua in their packaging of wireshark. "init.lua" must reside in the wireshark directory (e.g. /usr/share/wireshark) before wireshark will active any Lua scripts.

Answer 3

Start Wireshark, and go to Help->About Wireshark and then click the Folders tab. That will list every directory, including the "Personal Plugins" directory, which is where you should put the Lua script so that it will be automatically loaded. On *nix systems it's usually: ~/.wireshark/plugins/.