Wireshark-dev: Re: [Wireshark-dev] Filtering
From: Guy Harris <[email protected]>
Date: Tue, 31 Mar 2009 12:30:02 -0700
On Mar 31, 2009, at 11:56 AM, [email protected] wrote:

> Sorry to bother again, but I did have another question. If I use proto_tree_add_text( ); for all my other branches, but still want to be able to filter them, is there a way I can make a variable like hf_icom_message, and set it to a value in dissect_icom() to be able to filter it? For example, make:
>
> { &hf_icom_message,
> 	{"Message", "icom.message",
> 	FT_UINT16, BASE_DEC,
> 	NULL, 0x0,
> 	NULL, HFILL }
> }
>
> and have somewhere hf_icom_message = 6; in dissect_icom()

No, you can't do that.  hf_icom_message is, as per my earlier mail,
*NOT* the value of the field - it's just an index for that field in
Wireshark's table of all fields.

> and not use it for outputting anything, but just so I would be able to filter in Wireshark with something like icom.message==6?

You *could* add a hidden field, but that's not a good UI, in general -  
if a field doesn't appear in the protocol detail pane, you can't, for  
example, use a context menu on an instance of that field in the  
protocol detail pane to construct a filter to match that value of that  
field.

If you want to filter on a field, the answer is simple - *DON'T* use
proto_tree_add_text() for it!
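
The distinction drawn in the reply above, as an added example that is not part of the original message and is not Wireshark code: a simplified model in which a field handle is only a row index in a field table, and a filter can match only tree items that carry such a handle. The names `register_field`, `tree_add` and `filter_matches` are hypothetical and stand in for the real registration, tree-building and filtering machinery.

```c
/* Simplified model of a field table and detail tree; NOT the epan API.
 * Every function name below is hypothetical. */
#include <stdio.h>
#include <string.h>

#define MAX_FIELDS 16
#define MAX_ITEMS  16

struct field { const char *name, *abbrev; };  /* one row of the field table */
struct item  { int hf; unsigned value; };     /* one node of the detail tree */

static struct field fields[MAX_FIELDS];
static struct item  tree[MAX_ITEMS];
static int n_fields, n_items;

/* Registration returns the row index; an hf_ variable holds only that. */
static int register_field(const char *name, const char *abbrev) {
    if (n_fields == MAX_FIELDS) return -1;
    fields[n_fields].name = name;
    fields[n_fields].abbrev = abbrev;
    return n_fields++;
}

/* Add a node; hf < 0 models a text-only item with no named field. */
static void tree_add(int hf, unsigned value) {
    if (n_items == MAX_ITEMS) return;
    tree[n_items].hf = hf;
    tree[n_items].value = value;
    n_items++;
}

/* Evaluate "abbrev == value" over the tree, as a display filter would. */
static int filter_matches(const char *abbrev, unsigned value) {
    for (int i = 0; i < n_items; i++) {
        int hf = tree[i].hf;
        if (hf >= 0 && hf < n_fields && tree[i].value == value &&
            strcmp(fields[hf].abbrev, abbrev) == 0)
            return 1;
    }
    return 0;
}

int main(void) {
    int hf_icom_message = register_field("Message", "icom.message");
    tree_add(-1, 6);               /* text-only item showing 6 */
    printf("text only: %d\n", filter_matches("icom.message", 6));
    tree_add(hf_icom_message, 6);  /* item tied to the registered field */
    printf("field item: %d\n", filter_matches("icom.message", 6));
    return 0;
}
```

In the model, overwriting the handle with 6 would make it point at row 6 of the table rather than give the field the value 6, which is why the value has to travel with the tree item.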