Thanks for the solution, I had the same problem.
Its probably a good idea to also put;
item=proto_tree_add_uint(my_tree, hf_my_item, tvb, offset, length,
my_item_value);
PROTO_ITEM_SET_GENERATED(item);
That way Wireshark puts square brackets round the field to show it is
calculated.
If you select the field in the middle pane Wireshark will highlight in the
lower pane the tvb contents defined by 'offset' and 'length' to show what
raw data was used for the calculation.
Hal
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Reply-To: Developer support list for Wireshark
<wireshark-dev@xxxxxxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] Trying to add computed value
Date: Mon, 27 Nov 2006 13:25:13 +0100 (CET)
Hi,
Did you use something like this:
my_item_value = 2 * tvb_get_ntohs(tvb, offset);
proto_tree_add_uint(my_tree, hf_my_item, tvb, offset, 2, my_item_value);
Thanx,
Jaap
On Mon, 27 Nov 2006 Andrew.Martin@xxxxxxxxxxxxxxxxxxxxxx wrote:
> Hiya
>
> I'm tring to get a calculated value to be displayed instead of the value
> pulled out of the packet. However all I get is the value in the packet.
> Can somebody tell an idiot what I need to do please!
>
> Cheers
>
>
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
_________________________________________________________________
Get the latest Windows Live Messenger 8.1 Beta version.�Join now.
http://ideas.live.com
