From 16aaef097a850ac82186c95bcf2ada9c6a69f3b1 Mon Sep 17 00:00:00 2001
From: someone-aka-sum1 <158220558+someone-aka-sum1@users.noreply.github.com>
Date: Sun, 4 Feb 2024 21:21:23 +0100
Subject: [PATCH] Make the protocol dissector heuristic (#14335)

---
 util/wireshark/minetest.lua | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/util/wireshark/minetest.lua b/util/wireshark/minetest.lua
index 93e4f0387..837ea2963 100644
--- a/util/wireshark/minetest.lua
+++ b/util/wireshark/minetest.lua
@@ -1280,13 +1280,14 @@ do
 
 	function p_minetest.dissector(buffer, pinfo, tree)
 
-		-- Add Minetest tree item and verify the ID
+		-- Defer if payload doesn't have Minetest's magic number
+		if buffer(0,4):uint() ~= minetest_id then
+			return false
+		end
+
+		-- Add Minetest tree item
 		local t = tree:add(p_minetest, buffer(0,8))
 		t:add(f_id, buffer(0,4))
-		if buffer(0,4):uint() ~= minetest_id then
-			t:add_expert_info(PI_UNDECODED, PI_WARN, "Invalid ID, this is not a Minetest packet")
-			return
-		end
 
 		-- ID is valid, so replace packet's shown protocol
 		pinfo.cols.protocol = "Minetest"
@@ -1339,12 +1340,11 @@ do
 		end
 
 		pinfo.cols.info:append(" (" .. reliability_info .. ")")
+		return true
 
 	end
 
-	-- FIXME Is there a way to let the dissector table check if the first payload bytes are 0x4f457403?
-	DissectorTable.get("udp.port"):add(30000, p_minetest)
-	DissectorTable.get("udp.port"):add(30001, p_minetest)
+	p_minetest:register_heuristic("udp", p_minetest.dissector)
 end