Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] Dissect a packet base header bits

From: "Steven Le" <programminglist@xxxxxxxxx>
Date: Tue, 6 Mar 2007 23:46:33 -0800
Thanks. How can I register hf_foo_data? I want to print out binary data. On the other hand, the length of data is altered each time the message is sent .
tvb_get_length will get the length of current offset to end of payload, wont it?

Steven

On 3/6/07, Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:
Hi,

Oke, so how about reading the header and decide where to go from there.
Something crude like:

offset = 0
proto_tree_add_item(tree, hf_foo_header, tvb, offset, 1, FALSE);
header = tvb_get_guint8(tvb, offset);
offset++;

if ((header & 0xE0 == 0) || (header & 0xE0 == 0xE0)) {
  proto_tree_add_item(tree, hf_foo_message, tvb, offset, 20, FALSE);
  offset += 20;
}
if ((header & 0xE0 == 0x20) || (header & 0xE0 == 0xE0)) {
  proto_tree_add_item(tree, hf_foo_data, tvb, offset,
    tvb_get_length(tvb, offset), FALSE);
}

Thanx,
Jaap

On Tue, 6 Mar 2007, Steven Le wrote:

> Thanks jaap, here is more information:
>
> Header is 1byte and its format
> 7 6 5     4 3 2 1 0  bit
> type        XXXXX
> Messages is 20 bytes
> Binary data is unknown
> After getting the first 3 bits from header:
>
> Format of this payload will depend on the first 3 bits of header (bit Type
> field)
> -------------------------------------------------
>  Header|Message              if first 3 bits (type) is 000
>  Header|Binary Data                                         001
>  Header|Message|Binary Data                           111
> -------------------------------------------------
>
> On 3/6/07, Jaap Keuter < jaap.keuter@xxxxxxxxx> wrote:
> >
> > Hi,
> >
> > You'll have to provide a little more detail than this. What size are
> > header, message and data? Are they packed in a byte? format stuff like
> > that.
> >
> > Thanx,
> > Jaap
> >
> >
> > On Tue, 6 Mar 2007, Steven Le wrote:
> >
> > > I have to dissect this payload.
> > >
> > > Header  | message | data
> > >
> > > After getting the first 3 bits from header: 000 -> Header
> > >
> > 010
> > > -> Header|Message
> > >
> > 001
> > > -> Header|Binary Data
> > >
> > 011
> > > -> Header|Message|Binary Data
> > >
> > > How can I hand off from Header to certain block?
> > >
> >
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
>

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev