Wireshark · Ethereal-dev: Re: [Ethereal-dev] dfilter-modifications and inclusion of lib_ethereal.so

[Guy Harris <gharris@xxxxxxxxx>]

Håvard H Garnes wrote:
> Hello. As part of mapi-development (mapi.uninett.no) I have made this
> patch to ethereals dfilter to extract information from packets. 
>
> Ths patch also includes lib_ethereal, which was developed as part of the
> scampi-project (ist-scampi.org) to link an ethereal-library into mapi
> for packet and protocol analysis.

So what's the difference between libethereal, a library that's already 
built as part of Ethereal (although note that we do *NOT* yet guarantee 
that its API will not change in incompatible ways!) and lib_ethereal?

> The new filter-addition is the keyword "return 'field'" which returns
> the field-value in place of a gboolean from dfvm_apply.

Do you have an example of how that would be used?

> The patch requires aclocal && automake && autoconf 

So does Ethereal, at least on UN*X; patches *must* require them, as 
patches that don't would be patches to Makefile.in, aclocal.m4, and/or 
configure files without patches to the corresponding Makefile.am, 
acinclude.m4, and/or configure.in files, and those patches would be 
rejected as they modify only generated files, not the files used to 
generate them.

> diff -ruN ../ethereal-0.10.11/epan/dfilter/grammar.c ethereal/epan/dfilter/grammar.c
> --- ../ethereal-0.10.11/epan/dfilter/grammar.c	2005-06-29 15:42:45.000000000 +0200
> +++ ethereal/epan/dfilter/grammar.c	2005-07-04 12:35:49.000000000 +0200

"grammar.c" is generated from "grammar.lemon", so it's sufficient to 
supply a patch for "grammar.lemon".