Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 8461] HPFEED dissector enhanced

Wireshark-bugs: [Wireshark-bugs] [Bug 8461] HPFEED dissector enhanced

Date: Mon, 11 Mar 2013 15:42:31 +0000

Comment # 7 on bug 8461 from Sebastiano Di Paola

(In reply to comment #6)
> Comment on attachment 10228 [details]
> patch to add json dissection to some honeypot messages
> 
> > 
> >+static const chan_str_elem chan_lookup_table[] = {
> >+    { "dionaea.capture", CH_DIONAEA_CAPTURE },
> >+    { "dionaea.dcerpcrequests", CH_DIONAEA_DCE },
> >+    { "dionaea.shellcodeprofiles", CH_DIONAEA_SHELLCODE },
> >+    { "mwbinary.dionaea.sensorunique", CH_DIONAEA_UINQUE },
> >+    { "kippo.sessions", CH_KIPPO_SESSIONS },
> >+    { "geoloc.events", CH_GEOLOC_EVENTS },
> >+    { "glastopf.events", CH_GLASTOPF_EVENTS },
> >+    { NULL, CH_EINVAL }
> >+};
> > 
> >+static gint8 lookup_channel_string(char* str)
> >+{
> >+    const chan_str_elem *ptr = NULL;
> >+    
> >+    for (ptr = chan_lookup_table; ptr->chan_name != NULL; ptr++)
> >+        if(!strncmp(ptr->chan_name, str, strlen(ptr->chan_name)))
> >+            return ptr->value;
> >+    return CH_EINVAL;
> >+}
> >+
> >+
> 
> Why don't use string_string table ? (and match_strstr)

Just didn't know about the existence of string_string table :)
I will update the code and re-submit the patch!
Thanks a lot!
Cheers,
Seba

You are receiving this mail because:

You are watching all bug changes.

References:
- [Wireshark-bugs] [Bug 8461] New: HPFEED dissector enhanced
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 5292] Wireshark Libraries on MacOSX are not properly linked
Next by Date: [Wireshark-bugs] [Bug 6438] Blank lines in Follow TCP Stream clipboard copy
Previous by thread: [Wireshark-bugs] [Bug 8461] HPFEED dissector enhanced
Next by thread: [Wireshark-bugs] [Bug 8461] HPFEED dissector enhanced
Index(es):
- Date
- Thread