Wireshark-dev: Re: [Wireshark-dev] Regarding Modification of Display Filters

Date: Wed, 30 May 2007 07:43:40 -0400 (EDT)
Hi,

  The display filter initially will be "proto1". During dissection, when I
hit the condition if "proto1" then I have to morph the display filter as
"proto1 || proto2".

In short,

   if  "proto1"
   then "proto1 || proto2".

Thanks,
Purandhar



> Is the 2nd protocol known beforehand? If so, then I don't understand
> why the display filter has to be modified on the fly.
>
> Can you describe the situation a bit more?
>
> Wouldn't it be something like:
>
> (other part of display filter) and (if proto1 then "|| proto2" )
>
> in which case, you could say:
>
> (other part of display filter) and ( (not proto1) or (proto1 and proto2) )
>
> right?
>
> --gilbert
>
> On 5/30/07, purandhar.krishnamurthy@xxxxxxxxxxxxxxxxxxxx
> <purandhar.krishnamurthy@xxxxxxxxxxxxxxxxxxxx> wrote:
>> Hi,
>>
>> I would like to create a conditional display filter.  When a filter
>> criterion is hit on one protocol I would like to change the display
>> filter so that it includes an OR'd reference to another protocol.  How
>> can I update the Wireshark code to modify a display filter on the fly?
>>
>> Thanks in advance,
>> Purandhar Krishnamurthy.
>> _______________________________________________
>> Wireshark-dev mailing list
>> Wireshark-dev@xxxxxxxxxxxxx
>> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>>