
Wireshark-bugs: [Wireshark-bugs] [Bug 2402] Data string filter crash

Date: Thu, 04 Feb 2016 22:35:43 +0000

changed bug 2402


What Removed Added
CC   [email protected]

Comment # 18 on bug 2402 from
(In reply to Stig Bjørlykke from comment #1)
[..]
> 3. Disallow fields with same names and different types. (not an option?)
> This will break some of our dissectors, but may be easy to implement.  I
> think this shall be possible tho, because we have a linked list with
> different fields and the same name.

Why would this not be an option? Because of different ideas that people have of
a field name?

I just looked at a dissector from Pascal's list and found for example that the
pflog dissector overloads pflog.daddr with FT_IPv4, FT_IPv6 or FT_BYTES
depending on whether or not it is able to detect its type.

This would only be useful when you are using the field as a filter ("all packets
with this pflog.daddr" field). Comparisons like pflog.addr == 1.2.3.4 or
pflog.addr == ::1 or pflog.addr == 11:22:33 are only meaningful with the
appropriate type.

Other dissectors have FT_NONE (ignore in display) combined with some other type
(FT_STRING). The FT_NONE should likely be ignored and it probably exists such
that the tree mentions the item, but with just the label. At other places the
value is still formatted.

I did not look past this, have you already looked for what reason dissectors
use different types? From a consistency point of view I think it would be nicer
to require the same field types for the same name.
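
The survey the comment asks about, as an added example that is not part of the original message or of Wireshark's code: it lists field names registered with more than one type, reading the tab-separated `F` records that `tshark -G fields` prints. The sample records are constructed for illustration, and `example.item` is a hypothetical field name.

```python
from collections import defaultdict

# Constructed sample in the tab-separated layout of `tshark -G fields`
# (F, name, abbrev, type, parent, base, bitmask, blurb). Not real tshark output.
SAMPLE = "\n".join([
    "P\tpflog (constructed)\tpflog",
    "F\tDestination Address\tpflog.daddr\tFT_IPv4\tpflog\t\t0x0\t",
    "F\tDestination Address\tpflog.daddr\tFT_IPv6\tpflog\t\t0x0\t",
    "F\tDestination Address\tpflog.daddr\tFT_BYTES\tpflog\tBASE_NONE\t0x0\t",
    "F\tAction\tpflog.action\tFT_UINT8\tpflog\tBASE_DEC\t0x0\t",
    "F\tItem\texample.item\tFT_NONE\texample\t\t0x0\t",    # hypothetical field
    "F\tItem\texample.item\tFT_STRING\texample\t\t0x0\t",  # hypothetical field
])


def parse_fields(text):
    """Map each field abbreviation to the set of types registered for it."""
    types = defaultdict(set)
    for line in text.splitlines():
        cols = line.split("\t")
        if len(cols) < 4 or cols[0] != "F":
            continue  # skip protocol ("P") records and malformed lines
        types[cols[2]].add(cols[3])
    return types


def find_overloads(types, ignore_none=True):
    """Return {abbrev: sorted types} for names registered with several types.

    With ignore_none set, FT_NONE registrations are dropped first, following
    the comment's view that label-only items should likely be ignored.
    """
    overloaded = {}
    for abbrev, seen in types.items():
        effective = seen - {"FT_NONE"} if ignore_none else seen
        if len(effective) > 1:
            overloaded[abbrev] = sorted(effective)
    return overloaded


if __name__ == "__main__":
    # To survey a real build, replace SAMPLE with the captured output of
    # `tshark -G fields`.
    for abbrev, kinds in sorted(find_overloads(parse_fields(SAMPLE)).items()):
        print(f"{abbrev}: {', '.join(kinds)}")
```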

