Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] How to only output certain selected segment of a packet?

From: yenan <yen2@xxxxxxxxxxx>
Date: Thu, 14 Feb 2008 05:52:01 +0000


> Date: Wed, 13 Feb 2008 19:44:35 -0700
> From: stephentfisher@xxxxxxxxx
> To: wireshark-dev@xxxxxxxxxxxxx
> Subject: Re: [Wireshark-dev] How to only output certain selected segment of a packet?
>
> On Thu, Feb 14, 2008 at 12:09:08AM +0000, yenan wrote:
>
> > I am trying to output a paclet with a index field whihc is 20-bits
> > long , If I use "guint32" to define the variable for "INDEX" field,
> > and have the index value as "12345678", how can I chop the "678" off,
> > and display only "12345" to the screen?
>
> First, do not reply to someone else's message and change the subject.
> This causes confusion for those of us who use threaded mail readers.
> Compose a new message to wireshark-dev@xxxxxxxxxxxxx instead.
>
-----------------------------------------------------------------
SORRY, I DID NOT REALIZE THAT! IT SEEMS I AM WAY TOO LAZY!

> It sounds like you need to use a bitmask in the field registration (from
> doc/README.developer):
>
> bitmask
> -------
> If the field is a bitfield, then the bitmask is the mask which will
> leave only the bits needed to make the field when ANDed with a value.
> The proto_tree routines will calculate 'bitshift' automatically
> from 'bitmask', by finding the rightmost set bit in the bitmask.
> If the field is not a bitfield, then bitmask should be set to 0.
>
> This bitmask (in hex) would go where the 0x0 usually is in a field
> registration. See epan/dissectors/packet-vnc.c for a number of examples
> (such as in &hf_vnc_zrle_rle).
> ---------------------------------
>THANK YOU VERY MUCH FOR THE INFORMATION!! 
 

> Steve
>
>
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev



Windows Live Writer锟斤拷支锟斤拷锟斤拷锟斤拷撰写锟斤拷锟斤拷锟斤拷锟捷o拷锟斤拷时锟斤拷锟斤拷锟叫达拷锟叫达拷锟� 锟斤拷锟斤拷使锟矫o拷