Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] color on a given line of packet detail

From: "Maynard, Chris" <Christopher.Maynard@xxxxxxxxx>
Date: Fri, 31 Oct 2008 20:49:02 -0400
Or use a coloring rule that applies whenever the bad condition occurs
(or do a combination of coloring rule and expert info).  Take a look at
the default coloring rules and you'll see examples of several dissectors
that do this.  For example, the "Checksum Errors" colors ip, tcp, udp,
... packets that detect various checksumming errors red/black.  Have a
look at any of those dissectors as examples to see how they accomplish
it.  packet-tcp.c, for example, makes use of both the expert info as
well as the coloring rule through "hf_tcp_checksum_bad".

> -----Original Message-----
> From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-
> bounces@xxxxxxxxxxxxx] On Behalf Of Jeff Morriss
> Sent: Friday, October 31, 2008 5:50 PM
> To: Developer support list for Wireshark
> Subject: Re: [Wireshark-dev] color on a given line of packet detail
> 
> 
> 
> wsgd wrote:
> > Hello all,
> >
> > I want to display in red (or ...) a line where there is an error, a
bad
> > value.
> > E.g. : a value for which there is  no string associated into the
> > value_string array.
> >
> > Is there a way to do it ?
> 
> Try the Expert Info APIs:
> 
> http://wiki.wireshark.org/Development/ExpertInfo
CONFIDENTIALITY NOTICE: The contents of this email are confidential
and for the exclusive use of the intended recipient. If you receive this
email in error, please delete it from your system immediately and 
notify us either by email, telephone or fax. You should not copy,
forward, or otherwise disclose the content of the email.