Wireshark-dev: [Wireshark-dev] dissecting bits versus bytes
From: Brian Oleksa <[email protected]>
Date: Fri, 06 May 2011 09:21:50 -0400
I am used to getting a spec sheet of a packet that needs to be dissected 
and most of the time each part of the packet is in bytes.
For example: The first byte in the packet is the version number. So this 
is what I would do.
     proto_tree_add_item(myproto_sub_tree, hf_myproto_version, tvb, 
offset, 1, FALSE);
            offset += 1;

    { &hf_myproto_version,
            { "Version", "myproto.version", FT_UINT8, BASE_DEC, NULL, 0x0,
                NULL, HFILL}},

But now I was ordered to dissect a packet that the max size is in bits.

Since a byte is bigger than a bit.....how would you dissect this..??

version   (max field size = 4 bits)..??

Thanks,
Brian