Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Register display filter / EIGRP dissector update

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jochen Bartl <jochen.bartl@xxxxxxxxx>
Date: Wed, 12 Aug 2009 22:12:49 +0200
Hi Olivier,

Thanks. You have pointed me into the right direction.
proto_tree_add_string_format_value is what I'm looking for.

I've read the README.developer already, but I'm couldn't find good
examples for my problem. My other excuse is that I'm not a C coder. Next
time I'll have a look at examples in epan/dissectors/* before asking
those kind of questions ;-)

Best Regards,

Jochen


On Wed, 2009-08-12 at 20:37 +0200, wsgd wrote:
> Hello,
> 
> You want to do a filter on what ?
> - major integer value    ----------> add an integer field
> - minor integer value    ----------> add an integer field
> - "major.minor" text     ----------> add a text field with   
> proto_tree_add_string[_format[_value]]
> 
> Look at README.developer
> 
> 
> Olivier
> 
> 
> Jochen Bartl a écrit :
> > Hello.
> >
> > I have spent the last 2 days with adding IPv6, Stub Routing  and
> > Authentication TLV support to the EIGRP dissector.
> >
> > A lot of the proto_tree_add_text calls were replaced by
> > proto_tree_add_item, to make use of the display filter functionality.
> > However there are still some header fields, where special output
> > formatting is needed, like in line 569 (IOS Version, dissect_eigrp_sv).
> >
> >         ios_rel_major = tvb_get_guint8(tvb, 0);
> >         ios_rel_minor = tvb_get_guint8(tvb, 1);
> >         proto_tree_add_text(tree, tvb, offset, 2, "IOS release version:
> > %u.%u", ios_rel_major, ios_rel_minor);
> >
> > How can I register a display filter for a field, which was not added
> > with the proto_tree_add_item function?
> >
> > If someone is intersted in testing the code, sample captures can be
> > found here: http://trac.secdev.org/scapy/wiki/PacketsSamples
> >
> >
> > Any feedback on the newly added code would be much appreciated. I'll
> > submit patch request on bugs.wireshark.org of course, when the code is
> > well tested and cleaned-up.
> >
> >
> > Thanks in advance.
> >
> > Best Regards,
> >
> > Jochen
> >   
> > ------------------------------------------------------------------------
> >
> > ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
> 
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube