
Wireshark-dev: Re: [Wireshark-dev] How the display tree gets built ?

From: Stephen Fisher <stephentfisher@xxxxxxxxx>
Date: Sun, 15 Oct 2006 13:36:20 -0700
On Sun, Oct 15, 2006 at 12:32:48PM +0530, jaiswal.vikash@xxxxxxxxx wrote:

> While going through the README.developer file, I was trying to
> understand the tree concept but could not grasp much. Can anyone
> please provide some inputs to help me understand how the tree nodes
> are added and the display tree gets built.

Let's go through the steps using a simple dissector as an example, 
packet-daytime.c (I have included only the relevant code that builds the 
tree and added comments in this e-mail).  First of all, the upper-level 
protocols generate their own tree.  Your dissector is then given the 
chance to add its own part of the tree:

- - - - - - - - - -
/* This is how we reference our new tree to add things to it */
  proto_tree    *daytime_tree;

/* This is how we add a new tree to the display by starting with a new 
 * item under the previous tree (such as UDP or TCP)
 */
  proto_item    *ti;

/* This statement adds an item to the current tree (named tree) with a 
 * new type called proto_daytime.  It uses the packet data tvb, starts 
 * at tvb's position 0 and goes until the end of the packet (-1).  
 * FALSE means it is NOT little endian (network traffic is usually big 
 * endian).
 */
  ti = proto_tree_add_item(tree, proto_daytime, tvb, 0, -1, FALSE);

/* This statement adds a new tree tied to the item we added above 
 * (note the reference to ti from above)
 */
  daytime_tree = proto_item_add_subtree(ti, ett_daytime);

/* This statement adds a new item to our newly created tree, 
 * daytime_tree.  The item added is called hf_daytime_string which is 
 * defined at the bottom of this dissector file.  Again, it uses packet 
 * data tvb, starts at position 0 and goes to the end of the packet and 
 * is not little endian data
 */
  proto_tree_add_item(daytime_tree, hf_daytime_string, tvb, 0, -1, FALSE);

- - - - - - - - - - 

Does this help?  Ask again if you need more details :)


Steve
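
The item/subtree relationship described in the reply, as an added self-contained C model; it is not part of the original e-mail and is not Wireshark code. `buf_t`, `node_t`, `add_item`, `add_subtree` and the sample payload are hypothetical stand-ins for `tvb`, `proto_tree`/`proto_item`, `proto_tree_add_item` and `proto_item_add_subtree`, and returning NULL for a range outside the buffer is this model's own choice.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model only: these are NOT Wireshark's real structures. */
typedef struct { const unsigned char *data; int len; } buf_t; /* stands in for tvb */
typedef struct node {
    const char *label;                 /* protocol or field name */
    int start, length;                 /* byte range covered in the buffer */
    struct node *first_child, *last_child, *next;
} node_t;

/* Models proto_tree_add_item(): append an item under parent. A length of -1
 * means "to the end of the buffer". Returns NULL for a range outside the buffer. */
node_t *add_item(node_t *parent, const char *label, const buf_t *b, int start, int length) {
    if (start < 0 || start > b->len) return NULL;
    if (length == -1) length = b->len - start;
    if (length < 0 || length > b->len - start) return NULL;
    node_t *n = calloc(1, sizeof *n);
    if (!n) return NULL;
    n->label = label; n->start = start; n->length = length;
    if (parent && parent->last_child) parent->last_child->next = n;
    else if (parent) parent->first_child = n;
    if (parent) parent->last_child = n;
    return n;
}

/* Models proto_item_add_subtree(): here an item simply is its own subtree. */
node_t *add_subtree(node_t *item) { return item; }

/* Constructed sample payload (26 bytes), not a captured packet. */
static const unsigned char PKT[] = "Sun Oct 15 13:36:20 2006\r\n";
const buf_t SAMPLE = { PKT, (int)sizeof PKT - 1 };

/* The same three calls as in the e-mail, made against the model. */
node_t *build_daytime_tree(const buf_t *tvb) {
    node_t *tree = add_item(NULL, "UDP (upper-level tree)", tvb, 0, 0);
    node_t *ti = add_item(tree, "Daytime Protocol", tvb, 0, -1);
    node_t *daytime_tree = add_subtree(ti);
    add_item(daytime_tree, "daytime.string", tvb, 0, -1);
    return tree;
}

void print_tree(const node_t *n, int depth) {
    for (; n; n = n->next) {
        printf("%*s%s: offset %d, length %d\n", depth * 2, "", n->label, n->start, n->length);
        print_tree(n->first_child, depth + 1);
    }
}

int main(void) { print_tree(build_daytime_tree(&SAMPLE), 0); return 0; }
```

Run as is, it prints three nested lines: the upper-level node, the protocol item under it, and the string field under that item, the last two each covering all 26 bytes.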