I guess I misunderstood what you were trying to do.
Given:
n
Myproperty
o
X.409 Integer
§
Tag
§
Length
§
Value
I thought you just wanted a way to display the “Value” on the “Myproperty” row but that since you already added “Value”
to the tree, can’t you simply filter on the “Value” field, i.e., instead of a filter like
myprop.myproperty==0xFF, use something like
myprop.myproperty.x509integer.value==0xFF?
If you really want to be able to apply a filter like
myprop.myproperty==0xFF, then I think you’ll have to delay adding it to the tree until after you’ve dissected the “Value”, and then add it something like so:
local myproperty_tree = tree:add(pf_myproperty, buffer(offset, len), value)
Note here that since you’ve dissected the value, you must already know the
len, so you ought to be able to use len
and there should be no need to call set_len() later.
From: Wireshark-users [mailto:wireshark-users-bounces@xxxxxxxxxxxxx]
On Behalf Of Pawlowsky, Marc
Sent: Thursday, September 20, 2018 8:59 AM
To: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] LUA set value for treeitem
Setting the text changes the display but does not appear to allow for the item to be filtered on.
Date: Wed, 19 Sep 2018 18:05:28 +0000
From: "Maynard, Chris" <Christopher.Maynard@xxxxxxx>
To: Community support list for Wireshark
<wireshark-users@xxxxxxxxxxxxx>
Subject: Re: [Wireshark-users] LUA set value for treeitem
Message-ID:
<67a8dad7ac044e7989c93f106d68ee07@xxxxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="utf-8"
Yes, you can set the value using myproperty_tree:set_text(somestring)
For example: myproperty_tree:set_text(string.format("myproperty: 0x%02X", someval))
See Section 11.7.1.4 of the Wireshark Developer's Guide[1].
- Chris
[1]:
https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tree.html#lua_class_TreeItem
From: Wireshark-users [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Pawlowsky, Marc
Sent: Wednesday, September 19, 2018 9:46 AM
To:
wireshark-users@xxxxxxxxxxxxx<mailto:wireshark-users@xxxxxxxxxxxxx>
Subject: [Wireshark-users] LUA set value for treeitem
Is there a way to set the value for a treeitem after the tree item has been created?
The problem:
I am writing a X.409 based decoder (similar ASN.1).
I have a property stored as an integer to decode.
I come up with a tree like:
n Myproperty
o X.409 Integer
? Tag
? Length
? Value
The length of the value field is variable.
I have a protofield for all treeitems.
For my property I am currently using
pf_myproperty = ProtoField.uint8("myprop.myproperty ", "myproperty", base.HEX)
I create the myproperty treeitem first, then drill down and create the treeitems underneath it.
To prevent the protofield from decoding nonsense I am setting the value explicitly
local myproperty_tree = tree:add(pf_myproperty, buffer(offset), 0)
After all the tree items are created I can set the length using myproperty_tree::set_len(len)
Is there a way I can set the value after creation?
I want to be able to filter on myproperty.
Something like myprop.myproperty==0xFF
I cannot find anything in
https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tree.html
Thanks
Marc
CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and may contain proprietary, confidential or trade secret information. This message is intended solely for the use of the addressee. If you are not the intended recipient and have received this message in error, please delete this message from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is strictly prohibited.
