Hello List,
I'm trying add a filter on the http command type (GET, POST etc). So
I've written the attached patch but I a) don't see this field in the
decode and b) filtering on http.command == GET or "GET" or 'GET' doesnt
work. As I'm not sure that this can work at all, I thought I'd ask
before spending more time on it.
Ciao
Jörg
--
Joerg Mayer <jmayer@xxxxxxxxx>
I found out that "pro" means "instead of" (as in proconsul). Now I know
what proactive means.
Index: packet-http.c
===================================================================
RCS file: /usr/local/cvsroot/ethereal/packet-http.c,v
retrieving revision 1.55
diff -p -u -r1.55 packet-http.c
--- packet-http.c 14 Aug 2002 23:34:20 -0000 1.55
+++ packet-http.c 23 Aug 2002 18:12:19 -0000
@@ -51,6 +51,7 @@ static int proto_http = -1;
static int hf_http_notification = -1;
static int hf_http_response = -1;
static int hf_http_request = -1;
+static int hf_http_command = -1;
static gint ett_http = -1;
static gint ett_http_ntlmssp = -1;
@@ -162,6 +163,7 @@ dissect_http(tvbuff_t *tvb, packet_info
proto_tree *http_tree = NULL;
proto_item *ti = NULL;
gint offset = 0;
+ gint cmdlen;
const guchar *line;
gint next_offset;
const guchar *linep, *lineend;
@@ -205,6 +207,16 @@ dissect_http(tvbuff_t *tvb, packet_info
format_text(line, linelen));
else
col_set_str(pinfo->cinfo, COL_INFO, "Continuation");
+ c = '\0';
+ for (cmdlen = 0; cmdlen < linelen; cmdlen++) {
+ c = tvb_get_guint8(tvb, offset+cmdlen);
+ if (c <'A' || c > 'Z') break;
+ }
+ if (c == ' ') {
+ proto_tree_add_item(http_tree, hf_http_command, tvb,
+ offset, cmdlen, FALSE);
+printf("offset: %d, cmdlen: %d.\n", offset, cmdlen);
+ }
}
if (tree) {
@@ -537,6 +549,10 @@ proto_register_http(void)
{ "Request", "http.request",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
"TRUE if HTTP request", HFILL }},
+ { &hf_http_command,
+ { "Command", "http.command",
+ FT_STRING, BASE_NONE, NULL, 0x0,
+ "HTTP command", HFILL }},
};
static gint *ett[] = {
&ett_http,
