Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] changing the time

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Natalie Shapira <nd1234@xxxxxxxxx>
Date: Thu, 31 Jan 2013 07:42:33 +0200

Thanks.

Eventually I override
pinfo->fd->rel_ts
pinfo->fd->del_dis_ts

It looks good.

If I would have problems again, I will create separate column.
BTW, can you think about dissector who did it (adding column)? so I could use it as an example..
Natalie.

On Wed, Jan 30, 2013 at 2:44 PM, Evan Huus <eapache@xxxxxxxxx> wrote:
You can add the new timestamp as a regular dissected field. Wireshark
allows you to create columns out of arbitrary fields in dissected
packets.

Cheers,
Evan

On Wed, Jan 30, 2013 at 4:51 AM, Natalie Shapira <nd1234@xxxxxxxxx> wrote:
> Anyway, you gave me other idea. What about making new column of my_timestamp
> and sort by that column... Do I have the ability to add a new column from a
> dissector?
>
> On Wed, Jan 30, 2013 at 11:46 AM, Natalie Shapira <nd1234@xxxxxxxxx> wrote:
>>
>> I have no choice. It's a workaround for a hardware bug.
>>
>> On Wed, Jan 30, 2013 at 11:05 AM, Anders Broman
>> <anders.broman@xxxxxxxxxxxx> wrote:
>>>
>>> Hi,
>>> Those are the timestamps of packet arrival there should be no need to
>>> change them from a dissector - sounds like a bad idea to me.
>>> Regards
>>> Anders
>>>
>>> ________________________________
>>> From: wireshark-dev-bounces@xxxxxxxxxxxxx
>>> [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Natalie Shapira
>>> Sent: den 30 januari 2013 09:16
>>> To: wireshark-dev@xxxxxxxxxxxxx
>>> Subject: [Wireshark-dev] changing the time
>>>
>>>
>>> Hi everybody,
>>>
>>> It's my first question so, nice to meet you!
>>>
>>> I'm writing new dissector (plugin).
>>> I want to change the time of the packet.
>>> I tried to change pinfo->fd->rel_ts.secs and pinfo->fd->rel_ts.nsecs. It
>>> looks like I did it BUT, after sorting, not all packets are in the exact
>>> place.
>>>
>>> Do you have an example, idea or any recommendation?
>>>
>>> Thanks,
>>> Natalie.
>>>
>>>
>>> ___________________________________________________________________________
>>> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
>>> Archives:    http://www.wireshark.org/lists/wireshark-dev
>>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>>>
>>> mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
>>
>>
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube