Warning: geek post, largely as a reminder-to-self if I have this problem again!
I wanted to use lua with wireshark and followed all the instructions on the web to get it running … but it wouldn’t work.
After quite a lot of head scratching, I finally went off to a dos box running as admin to run wireshark and look at the files to see if I can see what was going on (everything I could see from the Windows GUI Looked fine). It turns out that the uncommenting you need to do in init.lua to make it worked hadn’t been done … but I had done it!
I think what was happening is that the new filesystem virtualisation stuff in Windows was kicking in. As a normal user, I could edit the init.lua file in the wireshark directory and even save it and see it again. But Windows wasn’t changing the real file. When I opened it as admin, I could see that the change hadn’t actually been made to the real file – so I changed it as admin and now it all works.
I can see the reasoning behind all this, from a security and backwards compatibility point of view. But if you get caught by it, it can waste a lot of time!