Wireshark-dev: [Wireshark-dev] Adding dynamic fields to tree from dissector

Date: Sat, 18 Jun 2016 17:14:56 +0300
Hi.

I have read the Developer Manual and README.dissector and looked into a few
examples, but could not find an answer to my question.

I have a dissector for a custom protocol that is basically 4 bytes of
length, 4 bytes of msg_id, and the rest is a packed protocol buffers message.

I am unpacking this protocol buffers message inside the dissector and
would like to construct a nice tree structure that represents this
message.

In Wireshark 1.x I could do this easily using something like

proto_tree_add_text(gpbs_tree, tvb, 0, 0, "%s: %s", f->name, *(char **)m);

where gpbs_tree is my subtree that represents a message.

But in Wireshark 2.x the function proto_tree_add_text does not exist.
There is a similar function, proto_tree_add_string_format, but the second
parameter there is an hf_* field id.

As far as I understand, Wireshark would like me to register all
possible fields in the beginning so I would have this hf_* for all
possible fields.

But that is very, very difficult, because my protocol buffers message can be
anything at all. Different values, arrays, submessages, etc...

What should I do in that case?

How do I construct a nice tree without knowing what my field types are
before I receive a network packet?

Thanks!

Marko.