
Wireshark-dev: Re: [Wireshark-dev] Hidden Proto Fields

From: Anders Broman <a.broman@xxxxxxxxxxxx>
Date: Tue, 26 Apr 2011 19:53:10 +0200
Jaap Keuter wrote 2011-04-26 18:53:
Hi,

"Deprecated" as in "not recommended, but still possible, but maybe dropped in the future".
I'll dissect that for you:

"not recommended": Using this feature is usually an indication of poor design.
Using a generated field might be a better design.
/Anders
Now, exceptions make the rule, therefore very common abstractions, like 'ip.addr' and 'tcp.port' are ok. They are non-discoverable for the user though, that's the poor design part.

"still possible": The API required is still there, maybe not as convenient, but this is for the exceptions only, so that is not a problem.

"may be dropped": This feature might go away, so don't base your design on it. Now, in reality, as long as IP addresses and TCP ports remain common items, they won't go, so I don't see that happen any time soon.

So, what's left? The API:

proto_item *ti = proto_tree_add....();
PROTO_ITEM_SET_HIDDEN(ti);

Thanks,
Jaap

On 04/25/2011 10:42 PM, Alex Lindberg wrote:
The latest version of epan/proto.h indicates that hiding protocol fields is
deprecated. How does one then create a generic filter type like ip.addr?

I need to create a filter like ip.addr that can be used in place of a more
specific one.

Thanks in advance.

Alex Lindberg

