Sake Blok wrote:
On Mon, Mar 19, 2007 at 10:45:42AM +0800, Jeff Morriss wrote:
I did however start to look into the code to see how I could implement
the extra field. I realise that I need to start to understand how
wireshark actually handles frames. Some fields are filled by the
dissector and some fields are filled while looping through the
packets it seems. It will take me some time to understand how this
works and where the field must be generated. Any help on this is
more than welcome.
Look for where "del_ts" is set in "file.c" (Wireshark) and "tshark.c"
(tshark). You'll need a new timestamp in the frame data structure.
Then in packet-frame.c you'll need to put this new timestamp in a new
frame header field, similar to the current field.
Thanks Jeff, that gives me the proper starting points for writing
the enhancement. I'm glad the bug is marked with Low priority and
Minor severity, that give me the time to grasp all the mechanisms
involved :)
I assigned the bug to myself, I hope that is the proper way to use
bugzilla (as this is my first time to write code to solve an
already listed bug).
I don't know if there is a "proper way" but I will mention that since
the bug is now assigned to you, the rest of us (on the bugzilla mailing
list) won't be notified of any changes to the bug (e.g., new comments,
patches attached, etc.).
IMO just setting the bug state to Assigned with a note saying you're
looking at it (but not changing the Assignee field) is sufficient, at
least for people who don't have SVN commit access.
