Wireshark-dev: Re: [Wireshark-dev] Filtering
Date: Tue, 31 Mar 2009 18:22:55 -0500
The only way to dissect this protocol is through the dll, i cannot create it soley in the plugin as is the design requirements. I'm working on functions that will show the bytes for the corresponding packet section and currently have all but the last level of dissection level of the protocol.


Guy Harris wrote:
> On Mar 31, 2009, at 3:53 PM, [email protected] wrote:
>> I think that answer my question. So it looks like my best bet is to  
>> use the hidden field and just go with bad UI eh?
> Your *best* bet might be to find a way of dissecting the packet that  
> doesn't involve your DLL, given the problems you've been having trying  
> to use it in Wireshark (probably because it was never designed for use  
> in Wireshark, and so is a bad fit for Wireshark; square pegs fit into  
> round holes only with a lot of hard pounding and perhaps some ugly  
> noises and damage to peg, hole, or both).
> Code such as
> 	time = (_GetMsgTime)();
> 	pi = proto_tree_add_text(icom_message_tree, tvb, 0, 0, "Time: %s",  
> time);
> is suboptimal UI even if you completely ignore filtering issues - you  
> can't click on the "Time: %s" line and see what packet data  
> corresponds to it, for example.