Wireshark
the world's foremost network protocol analyzer
Wireshark-dev: Re: [Wireshark-dev] Get 3 bytes
From: Stephen Fisher <stephentfisher@xxxxxxxxx>
Date: Mon, 12 Mar 2007 16:50:32 -0700
On Mon, Mar 12, 2007 at 03:32:29PM -0800, Steven Le wrote: > I define a header type to be FT_UINT24 > &.... > ....FT_UNIT24, BASE_DEC, NULL, Make sure you have FT_UINT24 > 0x00007ff (bitmasking 3 bytes) No bitmasking necessary - FT_UINT24 takes care of it for you. Just put 0x0 for the bitmask field. > How to get 3 bytes and add it to protocol subtree? guint32 = > tvb_get_leoh24(tvb, 3); ??? > > guint32 is 32 bits --> so type mismatch??? It would be easiest to use proto_tree_add_item() and give it the offset where the 3 bytes start and length of 3 using the header field name you defined (shown above). Otherwise, if you need to retrieve the value and use it for another purpose than just to display it, then use a guint32 and assign it the return value of tvb_get_ntoh24() in most cases (when it's in network byte order) unless you know for sure that it is little endian on the network, then you can use the tvb_get_letoh24() function you mentioned above. Note that both of these functions return a guint32 anyway; the remaining 8 bits of the variable will be set to zero. Steve
- References:
- [Wireshark-dev] Get 3 bytes
- From: Steven Le
- [Wireshark-dev] Get 3 bytes
- Prev by Date: [Wireshark-dev] Get 3 bytes
- Next by Date: Re: [Wireshark-dev] proto_add_tree_item versus proto_add_tree_string
- Previous by thread: [Wireshark-dev] Get 3 bytes
- Next by thread: Re: [Wireshark-dev] Get 3 bytes
- Index(es):