 |
Wireshark 4.7.0
The Wireshark network protocol analyzer
|
Loading...
Searching...
No Matches
|
Wireshark 4.7.0
The Wireshark network protocol analyzer
|
#include <wsutil/feature_list.h>#include <epan/tvbuff.h>#include <epan/prefs.h>#include <epan/frame_data.h>#include <epan/register.h>#include <wiretap/wtap_opttypes.h>Go to the source code of this file.
Classes | |
| struct | packet_provider_funcs |
| Structure containing pointers to functions supplied by the user of libwireshark. More... | |
| struct | epan_plugin |
Macros | |
| #define | ws_dissector_oops(_fmt, ...) ws_dissector_bug("OOPS: " _fmt, __VA_ARGS__) |
| Report a dissector OOPS (and optionally abort). | |
Typedefs | |
| typedef struct epan_dissect | epan_dissect_t |
| Opaque type representing a single packet dissection context. | |
| typedef struct epan_session | epan_t |
| Represents a dissection session state. | |
Functions | |
| WS_DLL_PUBLIC void | ws_dissector_bug (const char *format,...) G_GNUC_PRINTF(1 |
| Report a dissector bug (and optionally abort). | |
| WS_DLL_PUBLIC bool | epan_init (register_cb cb, void *client_data, bool load_plugins) |
| Initialize the entire epan module. | |
| WS_DLL_PUBLIC e_prefs * | epan_load_settings (void) |
| Load all settings from the current profile that affect epan. | |
| WS_DLL_PUBLIC void | epan_cleanup (void) |
| Clean up the entire epan module. | |
| WS_DLL_PUBLIC void | epan_register_plugin (const epan_plugin *plugin) |
| Register an epan plugin with the dissection engine. | |
| WS_DLL_PUBLIC int | epan_plugins_supported (void) |
| Check plugin support status for libwireshark components. | |
| void | epan_conversation_init (void) |
| Initialize the table of conversations. | |
| WS_DLL_PUBLIC epan_t * | epan_new (struct packet_provider_data *prov, const struct packet_provider_funcs *funcs) |
| Create a new epan dissection session. | |
| WS_DLL_PUBLIC wtap_block_t | epan_get_modified_block (const epan_t *session, const frame_data *fd) |
| Retrieve a modified capture block associated with a specific frame. | |
| WS_DLL_PUBLIC const char * | epan_get_interface_name (const epan_t *session, uint32_t interface_id, unsigned section_number) |
| Retrieve the name of a network interface. | |
| WS_DLL_PUBLIC const char * | epan_get_interface_description (const epan_t *session, uint32_t interface_id, unsigned section_number) |
| Retrieve the description of a network interface. | |
| WS_DLL_PUBLIC int32_t | epan_get_process_id (const epan_t *session, uint32_t process_info_id, unsigned section_number) |
| Retrieve the process ID associated with a given process info record. | |
| WS_DLL_PUBLIC const char * | epan_get_process_name (const epan_t *session, uint32_t process_info_id, unsigned section_number) |
| Retrieve the name of a process associated with a given process info record. | |
| WS_DLL_PUBLIC const uint8_t * | epan_get_process_uuid (const epan_t *session, uint32_t process_info_id, unsigned section_number, size_t *uuid_size) |
| Retrieve the UUID of a process associated with a given process info record. | |
| const nstime_t * | epan_get_frame_ts (const epan_t *session, uint32_t frame_num) |
| Retrieve the timestamp of a specific frame. | |
| const nstime_t * | epan_get_start_ts (const epan_t *session) |
| Retrieve the start timestamp of the capture session. | |
| WS_DLL_PUBLIC void | epan_free (epan_t *session) |
| Free an epan dissection session. | |
| WS_DLL_PUBLIC const char * | epan_get_version (void) |
| Retrieve the epan library's version as a string. | |
| WS_DLL_PUBLIC void | epan_get_version_number (int *major, int *minor, int *micro) |
| Retrieve the version number of the epan library. | |
| WS_DLL_PUBLIC void | epan_set_always_visible (bool force) |
| Set or unset the tree to always be visible when epan_dissect_init() is called. | |
| WS_DLL_PUBLIC void | epan_dissect_init (epan_dissect_t *edt, epan_t *session, const bool create_proto_tree, const bool proto_tree_visible) |
| Initialize an existing single packet dissection. | |
| WS_DLL_PUBLIC epan_dissect_t * | epan_dissect_new (epan_t *session, const bool create_proto_tree, const bool proto_tree_visible) |
| Create a new single packet dissection. | |
| WS_DLL_PUBLIC void | epan_dissect_reset (epan_dissect_t *edt) |
| Reset a dissection context for reuse. | |
| WS_DLL_PUBLIC void | epan_dissect_fake_protocols (epan_dissect_t *edt, const bool fake_protocols) |
| Indicate whether protocols should be faked during dissection. | |
| WS_DLL_PUBLIC void | epan_dissect_run (epan_dissect_t *edt, int file_type_subtype, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo) |
| Run a single packet dissection. | |
| WS_DLL_PUBLIC void | epan_dissect_run_with_taps (epan_dissect_t *edt, int file_type_subtype, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo) |
| Run a single packet dissection and invoke tap listeners. | |
| WS_DLL_PUBLIC void | epan_dissect_file_run (epan_dissect_t *edt, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo) |
| Run a dissection of file-based packet data. | |
| WS_DLL_PUBLIC void | epan_dissect_file_run_with_taps (epan_dissect_t *edt, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo) |
| Run a dissection of file-based packet data and invoke tap listeners. | |
| WS_DLL_PUBLIC void | epan_dissect_prime_with_dfilter (epan_dissect_t *edt, const struct epan_dfilter *dfcode) |
| Prime a dissection context's protocol tree using a display filter. | |
| WS_DLL_PUBLIC void | epan_dissect_prime_with_dfilter_print (epan_dissect_t *edt, const struct epan_dfilter *dfcode) |
| Prime a dissection context's protocol tree using a display filter, marking fields for print output. | |
| WS_DLL_PUBLIC void | epan_dissect_prime_with_hfid (epan_dissect_t *edt, int hfid) |
| Prime a dissection context's protocol tree with a specific field or protocol. | |
| WS_DLL_PUBLIC void | epan_dissect_prime_with_hfid_array (epan_dissect_t *edt, GArray *hfids) |
| Prime a dissection context's protocol tree with a set of fields or protocols. | |
| WS_DLL_PUBLIC void | epan_dissect_fill_in_columns (epan_dissect_t *edt, const bool fill_col_exprs, const bool fill_fd_colums) |
| Populate packet list columns with dissection output. | |
| WS_DLL_PUBLIC bool | epan_dissect_packet_contains_field (epan_dissect_t *edt, const char *field_name) |
| Check whether a dissected packet contains a specific named field. | |
| WS_DLL_PUBLIC void | epan_dissect_cleanup (epan_dissect_t *edt) |
| Release resources associated with a packet dissection context. | |
| WS_DLL_PUBLIC void | epan_dissect_free (epan_dissect_t *edt) |
| Free a single packet dissection context. | |
| const char * | epan_custom_set (epan_dissect_t *edt, GSList *ids, int occurrence, bool display_details, char *result, char *expr, const int size) |
| Set the value of a custom column based on specified fields and expression. | |
| WS_DLL_PUBLIC void | epan_gather_compile_info (feature_list l) |
| Get compile-time information for libraries used by libwireshark. | |
| WS_DLL_PUBLIC void | epan_gather_runtime_info (feature_list l) |
| Get runtime information for libraries used by libwireshark. | |
Variables | |
| bool | wireshark_abort_on_dissector_bug |
| bool | wireshark_abort_on_too_many_items |
Wireshark Protocol Analyzer Library
Copyright (c) 2001 by Gerald Combs geral.nosp@m.d@wi.nosp@m.resha.nosp@m.rk.o.nosp@m.rg
SPDX-License-Identifier: GPL-2.0-or-later
| #define ws_dissector_oops | ( | _fmt, | |
| ... | |||
| ) | ws_dissector_bug("OOPS: " _fmt, __VA_ARGS__) |
Report a dissector OOPS (and optionally abort).
| format | printf-like format string literal. |
| ... | printf-like parameters. |
| typedef struct epan_dissect epan_dissect_t |
Opaque type representing a single packet dissection context.
Used to manage state and results during the dissection of an individual packet. Typically created with epan_dissect_new and freed with epan_dissect_free.
| typedef struct epan_session epan_t |
Represents a dissection session state.
A client creates one epan_t for an entire dissection session. This single epan_t instance analyzes the entire sequence of packets sequentially, corresponding to a single packet trace file.
epan_t exists because some protocols require knowledge of previous packets to decode certain packets correctly. This inter-packet "state" is maintained within epan_t.
| WS_DLL_PUBLIC void epan_cleanup | ( | void | ) |
Clean up the entire epan module.
This function should be called only once in a program, typically during shutdown, to release resources and perform all necessary cleanup.
| void epan_conversation_init | ( | void | ) |
Initialize the table of conversations.
Conversations are identified by their endpoints and are used for protocols such as IP, TCP, and UDP, where packets contain endpoint information but don't contain a single value indicating which flow the packet belongs to.
| const char * epan_custom_set | ( | epan_dissect_t * | edt, |
| GSList * | ids, | ||
| int | occurrence, | ||
| bool | display_details, | ||
| char * | result, | ||
| char * | expr, | ||
| const int | size | ||
| ) |
Set the value of a custom column based on specified fields and expression.
This function evaluates a custom column expression against the current dissection context and populates the output buffer with the resulting string. It supports selecting specific field occurrences and optionally includes detailed formatting.
| edt | The dissection context to evaluate against. |
| ids | A list of header field IDs (hf_register_info) used in the expression. |
| occurrence | The occurrence index of the field to extract (e.g., 0 for first match). |
| display_details | If true, include detailed formatting (e.g., label/value pairs). |
| result | Output buffer to receive the formatted column string. |
| expr | The custom column expression to evaluate. |
| size | The size of the output buffer. |
| WS_DLL_PUBLIC void epan_dissect_cleanup | ( | epan_dissect_t * | edt | ) |
Release resources associated with a packet dissection context.
This function cleans up internal allocations and temporary data structures attached to the given epan_dissect_t context.
epan_dissect_t pointer itself—use `epan_dissect_free()` for full teardown.| edt | The dissection context to clean up. |
| WS_DLL_PUBLIC void epan_dissect_fake_protocols | ( | epan_dissect_t * | edt, |
| const bool | fake_protocols | ||
| ) |
Indicate whether protocols should be faked during dissection.
| edt | The dissection context. |
| fake_protocols | If true, protocols are faked; if false, they are not. |
| WS_DLL_PUBLIC void epan_dissect_file_run | ( | epan_dissect_t * | edt, |
| wtap_rec * | rec, | ||
| frame_data * | fd, | ||
| struct epan_column_info * | cinfo | ||
| ) |
Run a dissection of file-based packet data.
This function performs protocol dissection on a packet sourced from a capture file, using the provided dissection context. Unlike live capture dissection, this assumes the packet is static and fully recorded. It populates protocol trees and updates column information accordingly.
| edt | The dissection context to use. |
| rec | Pointer to the raw packet record (wtap_rec) containing metadata. |
| fd | Pointer to the frame data for the packet. |
| cinfo | Pointer to the column info structure to be updated during dissection. |
| WS_DLL_PUBLIC void epan_dissect_file_run_with_taps | ( | epan_dissect_t * | edt, |
| wtap_rec * | rec, | ||
| frame_data * | fd, | ||
| struct epan_column_info * | cinfo | ||
| ) |
Run a dissection of file-based packet data and invoke tap listeners.
This function performs protocol dissection on a packet sourced from a capture file, using the provided dissection context. Unlike live capture dissection, this assumes the packet is static and fully recorded. In addition to populating protocol trees and updating column information, it triggers any registered tap listeners to extract protocol-specific data during dissection.
| edt | The dissection context to use. |
| rec | Pointer to the raw packet record (wtap_rec) containing metadata. |
| fd | Pointer to the frame data for the packet. |
| cinfo | Pointer to the column info structure to be updated during dissection. |
| WS_DLL_PUBLIC void epan_dissect_fill_in_columns | ( | epan_dissect_t * | edt, |
| const bool | fill_col_exprs, | ||
| const bool | fill_fd_colums | ||
| ) |
Populate packet list columns with dissection output.
This function fills in the column data for a packet after dissection, using the provided epan_dissect_t context. It can populate both column expressions (e.g., protocol fields) and frame data–derived columns (e.g., packet number, timestamp).
| edt | The dissection context containing parsed packet data. |
| fill_col_exprs | If true, populate columns based on display filter expressions. |
| fill_fd_colums | If true, populate columns based on frame metadata. |
| WS_DLL_PUBLIC void epan_dissect_free | ( | epan_dissect_t * | edt | ) |
Free a single packet dissection context.
This function releases all memory and resources associated with the given epan_dissect_t object.
| edt | The dissection context to free. |
| WS_DLL_PUBLIC void epan_dissect_init | ( | epan_dissect_t * | edt, |
| epan_t * | session, | ||
| const bool | create_proto_tree, | ||
| const bool | proto_tree_visible | ||
| ) |
Initialize an existing single packet dissection.
| edt | The dissection context to initialize. |
| session | The epan session associated with the dissection. |
| create_proto_tree | Whether to create a protocol tree for the dissection. |
| proto_tree_visible | Whether the protocol tree should be visible after initialization. |
| WS_DLL_PUBLIC epan_dissect_t * epan_dissect_new | ( | epan_t * | session, |
| const bool | create_proto_tree, | ||
| const bool | proto_tree_visible | ||
| ) |
Create a new single packet dissection.
The returned dissection should be freed using epan_dissect_free() after packet dissection is completed.
| session | The epan session to associate with the dissection. |
| create_proto_tree | Whether to create a protocol tree for this dissection. |
| proto_tree_visible | Whether the protocol tree should be visible. |
| WS_DLL_PUBLIC bool epan_dissect_packet_contains_field | ( | epan_dissect_t * | edt, |
| const char * | field_name | ||
| ) |
Check whether a dissected packet contains a specific named field.
This function inspects the protocol tree within the given dissection context to determine whether a field with the specified name was generated during dissection. Field names should match those registered via the protocol registrar (e.g., "ip.src").
| edt | The dissection context to query. |
| field_name | The name of the field to check (e.g., "tcp.port"). |
| WS_DLL_PUBLIC void epan_dissect_prime_with_dfilter | ( | epan_dissect_t * | edt, |
| const struct epan_dfilter * | dfcode | ||
| ) |
Prime a dissection context's protocol tree using a display filter.
This function prepares the epan_dissect_t context by preloading protocol and field definitions referenced in the given display filter. This ensures that the protocol tree includes all necessary elements for evaluation, even if they wouldn't normally be generated during dissection.
This is typically used to guarantee that all fields required by a filter expression are available for matching or display.
| edt | The dissection context to prime. |
| dfcode | The compiled display filter to use for priming. |
| WS_DLL_PUBLIC void epan_dissect_prime_with_dfilter_print | ( | epan_dissect_t * | edt, |
| const struct epan_dfilter * | dfcode | ||
| ) |
Prime a dissection context's protocol tree using a display filter, marking fields for print output.
This function prepares the epan_dissect_t context by preloading protocol and field definitions referenced in the given display filter, and marks those fields for inclusion in print-style output. This ensures that all relevant fields are available and flagged for textual rendering, even if they wouldn't normally be generated during dissection.
| edt | The dissection context to prime. |
| dfcode | The compiled display filter to use for priming and print marking. |
| WS_DLL_PUBLIC void epan_dissect_prime_with_hfid | ( | epan_dissect_t * | edt, |
| int | hfid | ||
| ) |
Prime a dissection context's protocol tree with a specific field or protocol.
This function prepares the epan_dissect_t context by preloading the protocol or field identified by the given header field ID (hfid). This ensures that the corresponding dissector logic and tree nodes are initialized and available during dissection, even if they wouldn't normally be triggered by the packet content alone.
| edt | The dissection context to prime. |
| hfid | The header field ID of the protocol or field to preload. |
| WS_DLL_PUBLIC void epan_dissect_prime_with_hfid_array | ( | epan_dissect_t * | edt, |
| GArray * | hfids | ||
| ) |
Prime a dissection context's protocol tree with a set of fields or protocols.
This function prepares the epan_dissect_t context by preloading all protocol and field definitions referenced by the header field IDs (hfids) in the provided GArray. This ensures that the corresponding dissector logic and tree nodes are initialized and available during dissection, even if they wouldn't normally be triggered by the packet content alone.
| edt | The dissection context to prime. |
| hfids | A GArray of integers representing header field IDs to preload. |
| WS_DLL_PUBLIC void epan_dissect_reset | ( | epan_dissect_t * | edt | ) |
Reset a dissection context for reuse.
This function clears the internal state of an existing epan_dissect_t object, allowing it to be reused for dissecting another packet without reallocating the entire structure. It preserves configuration flags such as protocol tree visibility.
| edt | The dissection context to reset. |
| WS_DLL_PUBLIC void epan_dissect_run | ( | epan_dissect_t * | edt, |
| int | file_type_subtype, | ||
| wtap_rec * | rec, | ||
| frame_data * | fd, | ||
| struct epan_column_info * | cinfo | ||
| ) |
Run a single packet dissection.
This function performs protocol dissection on a single packet using the provided dissection context. It populates protocol trees, updates column information, and applies decoding logic based on the capture file format and packet metadata.
| edt | The dissection context to use. |
| file_type_subtype | The subtype of the capture file format (e.g., WTAP_FILE_PCAP). |
| rec | Pointer to the raw packet record (wtap_rec) containing metadata. |
| fd | Pointer to the frame data for the packet. |
| cinfo | Pointer to the column info structure to be updated during dissection. |
| WS_DLL_PUBLIC void epan_dissect_run_with_taps | ( | epan_dissect_t * | edt, |
| int | file_type_subtype, | ||
| wtap_rec * | rec, | ||
| frame_data * | fd, | ||
| struct epan_column_info * | cinfo | ||
| ) |
Run a single packet dissection and invoke tap listeners.
This function performs protocol dissection on a single packet using the provided dissection context, similar to epan_dissect_run, but additionally triggers any registered tap listeners. Tap listeners are used to extract and process protocol-specific data during dissection (e.g., for statistics or UI updates).
| edt | The dissection context to use. |
| file_type_subtype | The subtype of the capture file format (e.g., WTAP_FILE_PCAP). |
| rec | Pointer to the raw packet record (wtap_rec) containing metadata. |
| fd | Pointer to the frame data for the packet. |
| cinfo | Pointer to the column info structure to be updated during dissection. |
| WS_DLL_PUBLIC void epan_free | ( | epan_t * | session | ) |
Free an epan dissection session.
This function releases all resources associated with the given epan_t session. It should be called once the session is no longer needed, typically after all packet dissections are complete.
| session | Pointer to the epan session to be freed. |
| WS_DLL_PUBLIC void epan_gather_compile_info | ( | feature_list | l | ) |
Get compile-time information for libraries used by libwireshark.
| l | The feature list object to store the compile-time information. |
| WS_DLL_PUBLIC void epan_gather_runtime_info | ( | feature_list | l | ) |
Get runtime information for libraries used by libwireshark.
| l | The feature list object to store the runtime information. |
Retrieve the timestamp of a specific frame.
This function queries the epan session for the timestamp associated with the given frame number.
| session | The epan session context. |
| frame_num | The frame number to query. |
nstime_t) of the specified frame, or NULL if unavailable. | WS_DLL_PUBLIC const char * epan_get_interface_description | ( | const epan_t * | session, |
| uint32_t | interface_id, | ||
| unsigned | section_number | ||
| ) |
Retrieve the description of a network interface.
This function queries the epan session for a textual description of a specific interface, identified by its interface ID and section number. Descriptions may include hardware details, driver info, or capture context metadata.
| session | The epan session context. |
| interface_id | The interface's identifier. |
| section_number | The section number within the capture file. |
| WS_DLL_PUBLIC const char * epan_get_interface_name | ( | const epan_t * | session, |
| uint32_t | interface_id, | ||
| unsigned | section_number | ||
| ) |
Retrieve the name of a network interface.
This function queries the epan session for the name of a specific interface, identified by its interface ID and section number. Interface names are typically derived from capture metadata and may reflect physical or logical device labels.
| session | The epan session context. |
| interface_id | The interface's identifier. |
| section_number | The section number within the capture file. |
| WS_DLL_PUBLIC wtap_block_t epan_get_modified_block | ( | const epan_t * | session, |
| const frame_data * | fd | ||
| ) |
Retrieve a modified capture block associated with a specific frame.
This function returns a wtap_block_t that reflects any modifications made to the original capture block for the given frame. These modifications may include metadata updates or annotations applied during dissection.
| session | The epan session context. |
| fd | Pointer to the frame data for which the modified block is requested. |
| WS_DLL_PUBLIC int32_t epan_get_process_id | ( | const epan_t * | session, |
| uint32_t | process_info_id, | ||
| unsigned | section_number | ||
| ) |
Retrieve the process ID associated with a given process info record.
This function queries the epan session for the process ID corresponding to the specified process information ID and section number. Process metadata may be extracted from capture blocks or external annotations.
| session | The epan session context. |
| process_info_id | The identifier for the process information. |
| section_number | The section number within the capture file. |
| WS_DLL_PUBLIC const char * epan_get_process_name | ( | const epan_t * | session, |
| uint32_t | process_info_id, | ||
| unsigned | section_number | ||
| ) |
Retrieve the name of a process associated with a given process info record.
This function queries the epan session for the name of a process identified by the specified process information ID and section number. Process names may be extracted from capture metadata or annotations.
| session | The epan session context. |
| process_info_id | The identifier for the process information. |
| section_number | The section number within the capture file. |
| WS_DLL_PUBLIC const uint8_t * epan_get_process_uuid | ( | const epan_t * | session, |
| uint32_t | process_info_id, | ||
| unsigned | section_number, | ||
| size_t * | uuid_size | ||
| ) |
Retrieve the UUID of a process associated with a given process info record.
This function queries the epan session for the UUID of a process identified by the specified process information ID and section number. The UUID is returned as a pointer to a byte array, and its size is stored in the provided output parameter.
| session | The epan session context. |
| process_info_id | The identifier for the process information. |
| section_number | The section number within the capture file. |
| uuid_size | Output parameter that receives the size of the UUID in bytes. |
Retrieve the start timestamp of the capture session.
This function returns the timestamp marking the beginning of the capture, as recorded in the associated epan session.
| session | The epan session context. |
nstime_t), or NULL if unavailable. | WS_DLL_PUBLIC const char * epan_get_version | ( | void | ) |
Retrieve the epan library's version as a string.
This function returns a static string representing the version of the libwireshark dissection engine (epan). For example, "4.7.0".
| WS_DLL_PUBLIC void epan_get_version_number | ( | int * | major, |
| int * | minor, | ||
| int * | micro | ||
| ) |
Retrieve the version number of the epan library.
This function provides the major, minor, and micro components of the libwireshark dissection engine (epan) version. It is useful for programmatic version checks, compatibility validation, or display formatting.
| major | Pointer to an integer to receive the major version. |
| minor | Pointer to an integer to receive the minor version. |
| micro | Pointer to an integer to receive the micro (patch) version. |
| WS_DLL_PUBLIC bool epan_init | ( | register_cb | cb, |
| void * | client_data, | ||
| bool | load_plugins | ||
| ) |
Initialize the entire epan module.
XXX
Sections:
This function must be called only once in a program to set up the module.
| cb | A callback function used for registration. |
| client_data | Pointer to client-specific data passed to the callback. |
| load_plugins | Whether to load plugins during initialization. |
| WS_DLL_PUBLIC e_prefs * epan_load_settings | ( | void | ) |
Load all settings from the current profile that affect epan.
| WS_DLL_PUBLIC epan_t * epan_new | ( | struct packet_provider_data * | prov, |
| const struct packet_provider_funcs * | funcs | ||
| ) |
Create a new epan dissection session.
This function allocates and initializes an epan_t session object, which maintains state across multiple packet dissections. It requires a packet provider and its associated function table to supply runtime data such as timestamps, interface metadata, and process info.
| prov | Pointer to the packet provider data. |
| funcs | Pointer to the packet provider function table. |
| WS_DLL_PUBLIC int epan_plugins_supported | ( | void | ) |
Check plugin support status for libwireshark components.
| WS_DLL_PUBLIC void epan_register_plugin | ( | const epan_plugin * | plugin | ) |
Register an epan plugin with the dissection engine.
This function registers a plugin that provides dissectors, taps, or other protocol-related functionality. It should be called during plugin initialization, typically from the plugin's entry point (e.g., plugin_register()).
Registered plugins are integrated into the epan framework and can contribute to packet analysis during dissection.
| plugin | Pointer to the epan_plugin structure containing plugin metadata and hooks. |
| WS_DLL_PUBLIC void epan_set_always_visible | ( | bool | force | ) |
Set or unset the tree to always be visible when epan_dissect_init() is called.
This state change persists until explicitly cleared, rather than being applied per function call. It is currently used when Lua scripts request all fields to be generated.
By default, the tree only becomes visible if epan_dissect_init() enables it, usually when a packet is selected. Setting this forces the tree to always be visible, although it will still not be created if create_proto_tree is false in the epan_dissect_init() call.
Clearing this setting reverts the visibility decision back to epan_dissect_init() and proto_tree_visible.
| force | If true, the tree is always visible; if false, visibility follows default behavior. |
| WS_DLL_PUBLIC void ws_dissector_bug | ( | const char * | format, |
| ... | |||
| ) |
Report a dissector bug (and optionally abort).
| format | printf-like format string. |
| ... | printf-like parameters. |
|
extern |
Global variable holding the content of the corresponding environment variable to save fetching it repeatedly.
1.9.8