> When a capture file is initially loaded, all "visited" flags
> are 0. Ethereal then makes the first pass through file,
> sequentially dissecting each packet. After the packet is
> dissected the first time, "visited" is 1. (See the end of
> dissect_packet() in epan/packet.c; that's the code that
> sets "visited" to 1).
"visited" will be cleared if a "redissect" is done; a "redissect" is
done if some parameter is changed that would change the way some packets
are dissected, e.g. changing a protocol preference setting from the
"Edit->Preferences" dialog box, enabling or disabling a protocol from
the "Edit->Protocols" dialog box, changing the port->protocol
assignments from the "Decode As" dialog box, etc..
A "redissect" looks like the first pass through the file; each packet is
sequentially dissected (note that there is no guarantee that the "tree"
argument is non-null on the first pass or on a redissect, so your
dissector should, if it's building first-pass state information, *not*
do the state-building only if "tree" is non-null), and "visited" is 0.
Before a redissect, state information is discarded, and, if your
dissector has an "init" routine, it's called, so that your dissector can
discard any state information that the core of Ethereal doesn't know
about.
