Wireshark-bugs: [Wireshark-bugs] [Bug 5956] kNet (KristalliNet) dissector for Wireshark
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5956
--- Comment #15 from Alexis La Goutte <alexis.lagoutte@xxxxxxxxx> 2011-10-01 07:36:16 PDT ---
Hi,
The Payload is the same between UDP/TCP/SCTP Transport Layer ? It is not
possible to make a unique function to dissect payload ?
>
> >proto_tree_add_bytes_format(payload_tree, hf_knet_msg_payload, buffer,
> >offset, 1, NULL, "PingID: %d", value);
> >
> >Why not use a hf (hf_knet_msg_payload_pingid...) by type of payload ?
>
> This was a little bit unclear. Can you clarify it a little bit more? I hope
> that the dissector will soon be in a good shape so it can be added to Wireshark
> :). I'll upload the new version of the dissector soon. Keep up the good work!
>
Create a header field (hf) by type of payload
Example
Replace
+ case PINGREQUEST:
+ case PINGREPLY:
+ value = tvb_get_bits8(buffer,offset * 8, 8);
+ proto_tree_add_bytes_format(payload_tree, hf_knet_msg_payload,
buffer, offset, 1, NULL, "PingID: %d", value);
+ break;
+ case FLOWCONTROLREQUEST:
+ value = tvb_get_bits8(buffer,offset * 8 + 8, 8) << 8;
+ value += tvb_get_bits8(buffer,offset * 8, 8);
+ proto_tree_add_bytes_format(payload_tree, hf_knet_msg_payload,
buffer, offset, 3, NULL, "New Datagram Rate: %d", value);
+ break;
by
+ case PINGREQUEST:
+ case PINGREPLY:
+ proto_tree_add_item(payload_tree, hf_knet_msg_payload_pingid,
buffer, offset, ENC_BIG_ENDIAN);
+ break;
+ case FLOWCONTROLREQUEST:
+ proto_tree_add_item(payload_tree,
hf_knet_msg_payload_flowcontrolrequest, buffer, offset, ENC_BIG_ENDIAN);
+ break;
Also for proto_tree_add_item, use ENC_NA/ENC_LITTLE_ENDIAN/ENC_BIG_ENDIAN for
encoding attribut (and not TRUE / FALSE it is deprecated )
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
