Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] filtering not working

From: Brian Oleksa <oleksab@xxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 26 Jan 2010 09:58:55 -0500

Wiresharkers

My filtering does come up in the GUI wireshark window (when I type in helen.)...but when I hit the "apply" button on (for example: ) helen.flowname =="SA_EX ".. I get no matches.

Here is what I have in the code:

static gint hf_helen_flowname = -1;

static gint ett_helen_flowname = -1;

       { &hf_helen_flowname,
           { "Flowname", "helen.flowname", FT_STRING, BASE_NONE, NULL, 0x0,
           "Flowname", HFILL}},

&ett_helen_flowname,

proto_tree_add_string_format(helen_sub_tree, hf_helen_flowname, tvb, offset, 8, 0,
      "Flowname: %s", flowname);

In the tree... I will get as output:   Flowname:  SA_EX

So in theory... I should be able to do: helen.flowname == "SA_EX" correct..??

But when I do this... I get no matches.

Anybody know why..?? Or am I filtering wrong..??

Thanks,
Brian