9. Debugging¶

9.1. Interactive rule¶

Haka provides a way to filter packet interactively. To do this, you can use a predefined function haka.interactive_rule.

For instance:

haka.rule{
    hook = ipv4.events.receive_packet,
    eval = haka.interactive_rule("interactive")
}

As a result, every time this rule will be evaluated, a prompt will allow to enter commands. The current dissector data are available in a table named inputs. Following the above example, typing inputs[1] on the prompt will dump ip packet content along with available functions.

Note that you can use the TAB key to get completion. This can be very useful to discover the available functions and fields.

When you are done, you can let Haka continue its execution by hitting CTRL-D.

Note

As the edition will add a lot of delay, it is best to use the interactive rule on pcap files. Otherwise, you can run into problems with tcp for instance.

9.2. Debugger¶

If you need to inspect an existing configuration, you can use the debugger. You need to activate the debugger first. This can be done by starting Haka with the option --debug-lua.

If an error occurs haka will stop and a prompt will allow you to inspect variables, up-values, expressions... To get the list of all available commands, simply type help.

You can also set breakpoints and execute your code line by line by using the following code:

debug.breakpoint()