Wireshark-dev: Re: [Wireshark-dev] Global variables

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 29 Jul 2010 12:46:05 -0700

On Jul 29, 2010, at 8:02 AM, César Gomes wrote:

> I'm currently working on a dissector, and I need to make so that one variable has the same value at the beginning of a capture, the value then can change, but in the beginning it has to be the same, how can I do that?

Note that there is no guarantee that, in Wireshark, after the file has been read in for the first time, your packets will be dissected in order.  When the file is read in, each packet is dissected in order (note, however, that there is no guarantee that you will be asked to build a protocol tree on that first dissection, so don't build state only if the tree argument is non-null!), and you can use that pass to build state.  After that, users can click on whatever packets they want, in whatever order they want, and, when a packet is clicked on, it is dissected.

In other words, do *NOT* maintain, in a global variable, state that changes from packet to packet, and assume that, when a packet is dissected, the state will reflect only the packets before the packet in question.  You might have to attach state information to packets in order to dissect them after the first pass.
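
The dissection order described in the reply above, as an added example that is not part of the original message and does not use the Wireshark API. It is a stand-alone C model: `frame_t`, `visited`, `saved_key`, `capture_init` and the toy XOR "decoding" are constructed for illustration, and the four payload bytes are constructed sample data.

```c
/* Model only: first pass is in order, later re-dissection is in click order. */
#include <stdio.h>

#define INITIAL_KEY 0x10u   /* value the variable must have at capture start */

typedef struct {
    unsigned char payload;  /* constructed sample data */
    int visited;            /* set once the in-order first pass has seen the frame */
    unsigned saved_key;     /* snapshot of the state as it was before this frame */
} frame_t;

static unsigned g_key;      /* state that changes from packet to packet */

/* Runs once per capture load, so every capture starts from the same value. */
static void capture_init(frame_t *f, size_t n) {
    g_key = INITIAL_KEY;
    for (size_t i = 0; i < n; i++) f[i].visited = 0;
}

/* Broken: assumes the global reflects only the packets before this one. */
static unsigned dissect_global(const frame_t *f) {
    unsigned out = f->payload ^ g_key;
    g_key = (g_key + f->payload) & 0xffu;
    return out;
}

/* Fixed: the first pass attaches the state to the frame, regardless of
 * whether a tree is being built; later passes only read the snapshot. */
static unsigned dissect_per_frame(frame_t *f) {
    if (!f->visited) {
        f->saved_key = g_key;
        g_key = (g_key + f->payload) & 0xffu;
        f->visited = 1;
    }
    return f->payload ^ f->saved_key;
}

/* 1 if re-dissecting frame `click` after the first pass repeats its result. */
static int redissect_matches(int per_frame, size_t click) {
    frame_t cap[4] = {{0x01}, {0x02}, {0x03}, {0x04}};
    unsigned first[4], again;
    capture_init(cap, 4);
    for (size_t i = 0; i < 4; i++)
        first[i] = per_frame ? dissect_per_frame(&cap[i]) : dissect_global(&cap[i]);
    again = per_frame ? dissect_per_frame(&cap[click]) : dissect_global(&cap[click]);
    return again == first[click];
}
int main(void) {
    printf("global: %d, per-frame: %d\n", redissect_matches(0, 1), redissect_matches(1, 1));
    return 0;
}
```

In a real dissector the reset would typically be registered with `register_init_routine()` and the snapshot stored with `p_add_proto_data()` and read back with `p_get_proto_data()`; check the signatures for the Wireshark version in use.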