Hi,
6
thanks 1*10
works a treat, just proves there is now substitute for talent
Stuart
------------------
From: Guy Harris <guy@xxxxxxxxxxxx>
Subject: Re: [Wireshark-dev] new plug-in dissector - no packets,
displayed when dissector specific filter applied
On May 1, 2009, at 9:10 AM, Stuart Marsden wrote:
> hf_sslbp_type = frmtyp;
Don't do that. If you do that, then, even if you *do* correctly
attempt to add sslbp.frametype into the protocol tree, it will fail,
as the value assigned by Wireshark to hf_sslbp_type is an index into
an array of fields internal to the Wireshark core, and if you give it
a different value, it'll put the wrong field into the protocol tree.
> proto_tree_add_text(header_tree, tvb, offset+3, 1,
> "Frame type: %s", val_to_str(frmtyp,frame_type,"Unknown (0x
> %02x)"));
If you want sslbp.frametype to be in the protocol tree, do
proto_tree_add_uint(header_tree, hf_sslbp_type, tvb, offset+3, 1,
frmtyp);
If sslbp.frametype isn't in the protocol tree, any filter trying to
match it will fail, so you want it in the protocol tree.
See doc/README.developer in the source tree.
