Thanks a bunch folks!!
-Barry
-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx
[mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: Wednesday, April 30, 2008 1:41 PM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] Byte Ordering in Dissector
Barry Constantine wrote:
> I am running into a problem because the uint32 of my protocol is not
in
> network byte order, but is in reverse byte order.
>
> How can I override the default assumption of network byte order when I
> insert the uint32 into the dissector tree?
You can't...
...because there isn't any default assumption to override!
If you're using proto_tree_add_item(), ptvcursor_add(), or
ptvcursor_add_no_advance(), just specify TRUE rather than FALSE as the
last argument, to indicate that the value is little-endian rather than
big-endian.
If you're using the ptvcursor routines, specify TRUE rather than FALSE
as the "little_endian" argument.
If you're fetching the value yourself, and the uint32 is *NOT* an IPv4
addressuse tvb_get_letohl() rather than tvb_get_ntohl() to convert it to
host byte order.
If you're fetching the value yourself, and the uint32 *IS* an IPv4
address (i.e., an IPv4 address stored, for some mysterious reason, in
little-endian byte order rather than big-endian network byte order), use
tvb_get_ipv4() and then byte-swap the value with GUINT32_SWAP_LE_BE().
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
