On Thu, Feb 14, 2008 at 12:09:08AM +0000, yenan wrote:
> I am trying to output a paclet with a index field whihc is 20-bits
> long , If I use "guint32" to define the variable for "INDEX" field,
> and have the index value as "12345678", how can I chop the "678" off,
> and display only "12345" to the screen?
First, do not reply to someone else's message and change the subject.
This causes confusion for those of us who use threaded mail readers.
Compose a new message to wireshark-dev@xxxxxxxxxxxxx instead.
It sounds like you need to use a bitmask in the field registration (from
doc/README.developer):
bitmask
-------
If the field is a bitfield, then the bitmask is the mask which will
leave only the bits needed to make the field when ANDed with a value.
The proto_tree routines will calculate 'bitshift' automatically
from 'bitmask', by finding the rightmost set bit in the bitmask.
If the field is not a bitfield, then bitmask should be set to 0.
This bitmask (in hex) would go where the 0x0 usually is in a field
registration. See epan/dissectors/packet-vnc.c for a number of examples
(such as in &hf_vnc_zrle_rle).
Steve
