Wireshark · Wireshark-dev: [Wireshark-dev] Polling for possible reasons why the 'filter name' does not work

Wireshark-dev: [Wireshark-dev] Polling for possible reasons why the 'filter name' does not work

Date: Wed, 28 Aug 2013 23:55:47 +0800

Good day to all,

I have been trying to figure out a behavior for a while now where the 'filter name' (third parameter of proto_register_protocol() function) does not filter the captured messages.
For a brief background, I am studying/using an existing openflow dissector:
https://github.com/CPqD/ofdissector

I have scanned the README.developer and from looking at the ofdissector code, everything seems to be in order.

At first I thought that the 'filter name' should be the same as the first 'prefix' of the display filters registered in hf_register_info declarations. Meaning if the display filters are like 'abc.yyy.xxx', the filter name should be 'abc'.
But I think this does not necessarily need to be the case as I tried changing the prefixes in another of my dissectors and the filter name seems to work fine.

Does anyone have any possible leads/reasons/hypothesis as to where should I be looking to fix this?

Thank you in advance.

Best regards,
David

Follow-Ups:
- Re: [Wireshark-dev] Polling for possible reasons why the 'filter name' does not work
  - From: Gilbert Ramirez

Prev by Date: Re: [Wireshark-dev] Memory consumption in tshark
Next by Date: Re: [Wireshark-dev] Polling for possible reasons why the 'filter name' does not work
Previous by thread: Re: [Wireshark-dev] [Wireshark-commits] rev 51538: / /trunk/doc/: README.qt /trunk/ui/gtk/: gui_stat_menu.h main_menubar.c tcp_graph.c /trunk/ui/qt/: CMakeLists.txt Makefile.common QtShark.pro main_window.h main_window.ui /trunk/ui/: ...
Next by thread: Re: [Wireshark-dev] Polling for possible reasons why the 'filter name' does not work
Index(es):
- Date
- Thread