docs/wsar_html/expert_8h_source.html

#ifndef __EXPERT_H__

#define __EXPERT_H__


#include <epan/proto.h>

#include <epan/packet_info.h>

#include <wsutil/value_string.h>

#include "ws_symbol_export.h"


#ifdef __cplusplus

extern "C" {

#endif /* __cplusplus */


typedef struct expert_info_s {

    uint32_t     packet_num;

    int          group;    /* from a bitfield, should probably be unsigned */

    int          severity; /* from a bitfield, should probably be unsigned */

    int          hf_index; /* hf_index of the expert item. Might be -1. */

    const char *protocol;

    char        *summary;

    proto_item  *pitem;

} expert_info_t;


/* Expert Info and Display hf data */


typedef struct expert_field

{

    int ei;

    int hf;

} expert_field;


#define EI_INIT_EI 0

#define EI_INIT_HF 0

#define EI_INIT {EI_INIT_EI, EI_INIT_HF}


typedef struct expert_field_info {

    /* ---------- set by dissector --------- */

    const char       *name;

    int               group;

    int               severity;

    const char       *summary;


    /* ------- set by register routines (prefilled by EXPFILL macro, see below) ------ */

    int               id;

    const char       *protocol;

    int               orig_severity; /* Matches severity when registered, used to restore original severity

                      * if UAT severity entry is removed */

    struct expert_field_info *same_name_next;

    hf_register_info  hf_info;


} expert_field_info;


#define EXPFILL 0, NULL, 0, NULL, \

        {0, {NULL, NULL, FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL}}


typedef struct ei_register_info {

    expert_field      *ids;

    expert_field_info  eiinfo;

} ei_register_info;


typedef struct expert_module expert_module_t;


#define PRE_ALLOC_EXPERT_FIELDS_MEM 5000


/* "proto_expert" is exported from libwireshark.dll.

 * Thus we need a special declaration.

 */

WS_DLL_PUBLIC int proto_expert;


extern void

expert_init(void);


extern void

expert_packet_init(void);


extern void

expert_cleanup(void);


extern void

expert_packet_cleanup(void);


WS_DLL_PUBLIC int

expert_get_highest_severity(void);


WS_DLL_PUBLIC void

expert_update_comment_count(uint64_t count);


WS_DLL_PUBLIC proto_item *

expert_add_info(packet_info *pinfo, proto_item *pi, expert_field *eiindex);


WS_DLL_PUBLIC proto_item *

expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *eiindex,

                       const char *format, ...) G_GNUC_PRINTF(4, 5);


WS_DLL_PUBLIC proto_item *

proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,

        tvbuff_t *tvb, unsigned start, unsigned length);


WS_DLL_PUBLIC proto_item*

proto_tree_add_expert_remaining(proto_tree* tree, packet_info* pinfo, expert_field* eiindex,

    tvbuff_t* tvb, unsigned start);


WS_DLL_PUBLIC proto_item *

proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,

        tvbuff_t *tvb, unsigned start, unsigned length, const char *format, ...) G_GNUC_PRINTF(7, 8);


WS_DLL_PUBLIC proto_item*

proto_tree_add_expert_format_remaining(proto_tree* tree, packet_info* pinfo, expert_field* eiindex,

    tvbuff_t* tvb, unsigned start, const char* format, ...) G_GNUC_PRINTF(6, 7);


/*

 * Register that a protocol has expert info.

 */

WS_DLL_PUBLIC expert_module_t *expert_register_protocol(int id);


void expert_deregister_expertinfo (const char *abbrev);


void expert_deregister_protocol (expert_module_t *module);


void expert_free_deregistered_expertinfos (void);


WS_DLL_PUBLIC const char* expert_get_summary(expert_field *eiindex);


WS_DLL_PUBLIC void

expert_register_field_array(expert_module_t *module, ei_register_info *ei, const int num_records);


#define EXPERT_CHECKSUM_DISABLED    -2

#define EXPERT_CHECKSUM_UNKNOWN     -1

#define EXPERT_CHECKSUM_GOOD        0

#define EXPERT_CHECKSUM_BAD         1


WS_DLL_PUBLIC const value_string expert_group_vals[];


WS_DLL_PUBLIC const value_string expert_severity_vals[];


WS_DLL_PUBLIC const value_string expert_checksum_vals[];


#ifdef __cplusplus

}

#endif /* __cplusplus */


#endif /* __EXPERT_H__ */


/*

 * Editor modelines  -  https://www.wireshark.org/tools/modelines.html

 *

 * Local variables:

 * c-basic-offset: 8

 * tab-width: 8

 * indent-tabs-mode: t

 * End:

 *

 * vi: set shiftwidth=8 tabstop=8 noexpandtab:

 * :indentSize=8:tabSize=8:noTabs=false:

 */

expert_info_t
struct expert_info_s expert_info_t

expert_register_field_array
WS_DLL_PUBLIC void expert_register_field_array(expert_module_t *module, ei_register_info *ei, const int num_records)
Definition expert.c:444

expert_add_info
WS_DLL_PUBLIC proto_item * expert_add_info(packet_info *pinfo, proto_item *pi, expert_field *eiindex)
Definition expert.c:682

expert_deregister_expertinfo
void expert_deregister_expertinfo(const char *abbrev)
Definition expert.c:342

proto_tree_add_expert_format
WS_DLL_PUBLIC proto_item * proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field *eiindex, tvbuff_t *tvb, unsigned start, unsigned length, const char *format,...)
Definition expert.c:776

proto_tree_add_expert
WS_DLL_PUBLIC proto_item * proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field *eiindex, tvbuff_t *tvb, unsigned start, unsigned length)
Definition expert.c:762

expert_add_info_format
WS_DLL_PUBLIC proto_item * expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *eiindex, const char *format,...)
Definition expert.c:690

expert_free_deregistered_expertinfos
void expert_free_deregistered_expertinfos(void)
Definition expert.c:367

proto_tree_add_expert_format_remaining
WS_DLL_PUBLIC proto_item * proto_tree_add_expert_format_remaining(proto_tree *tree, packet_info *pinfo, expert_field *eiindex, tvbuff_t *tvb, unsigned start, const char *format,...)
Definition expert.c:808

expert_deregister_protocol
void expert_deregister_protocol(expert_module_t *module)
Definition expert.c:354

expert_get_summary
WS_DLL_PUBLIC const char * expert_get_summary(expert_field *eiindex)
Definition expert.c:500

proto_tree_add_expert_remaining
WS_DLL_PUBLIC proto_item * proto_tree_add_expert_remaining(proto_tree *tree, packet_info *pinfo, expert_field *eiindex, tvbuff_t *tvb, unsigned start)
Definition expert.c:769

packet_info.h

proto.h

_packet_info
Definition packet_info.h:43

_proto_node
Definition proto.h:907

_value_string
Mapping between a 32-bit integer value and its string representation.
Definition value_string.h:33

ei_register_info
Definition expert.h:68

ei_register_info::eiinfo
expert_field_info eiinfo
Definition expert.h:70

ei_register_info::ids
expert_field * ids
Definition expert.h:69

expert_field_info
Definition expert.h:48

expert_field_info::same_name_next
struct expert_field_info * same_name_next
Definition expert.h:60

expert_field
Definition expert.h:39

expert_info_s
Definition expert.h:27

expert_module
Definition expert.c:48

hf_register_info
Definition proto.h:803

tvbuff
Definition tvbuff-int.h:36

value_string.h