Wireshark-dev: Re: [Wireshark-dev] tree view structuring
From: Brian Oleksa <oleksab@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 05 Jan 2011 21:53:01 -0500
Guy Thanks for the reply.I do see all of these routines in my code (see below).....but I am not able to get it to work properly.
Can you provide me with a small example..?? Thanks, Brian Here is the code that I am trying to break up a little bit:In the Alares Control Extension...I would like to break up the 4 for loops (i.e. Number of Missing Messages, Number of Erasures, Last Heard and The Number of Last Known Transmitted Blocks for In Progress Messages)
void dissect_helen(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) {
proto_item *helen_item = NULL;
proto_item *helen_sub_item = NULL;
proto_tree *helen_tree = NULL;
proto_tree *helen_header_tree = NULL;
col_set_str(pinfo->cinfo, COL_PROTOCOL, PROTO_TAG_HELEN);
col_clear(pinfo->cinfo, COL_INFO);
if (tree) {
guint32 offset = 0;
guint32 orig_offset = 18;
nstime_t t;
guint64 msecs_since_the_epoch;
struct tm *tmp;
helen_item = proto_tree_add_item(tree, proto_helen, tvb, 0, -1,
FALSE);
helen_tree = proto_item_add_subtree(helen_item, ett_helen);
helen_header_tree = proto_item_add_subtree(helen_item, ett_helen);
helen_sub_item = proto_tree_add_item(helen_tree,
hf_helen_magic, tvb, offset, 2, FALSE);
offset += 2;
helen_sub_item = proto_tree_add_item(helen_tree,
hf_helen_checksum, tvb, offset, 8, FALSE);
offset += 8;
msecs_since_the_epoch = tvb_get_ntoh64(tvb, offset);
t.secs = msecs_since_the_epoch / 1000;
t.nsecs = (msecs_since_the_epoch % 1000)*1000000; /*
milliseconds to nanoseconds */
tmp = gmtime(&t.secs);
if (tmp != NULL)
{
proto_tree_add_time_format(helen_tree, hf_helen_txTime, tvb,
offset, 8, &t,
"Date: %s %2d, %d %02d:%02d:%02d UTC",
mon_names[tmp->tm_mon], tmp->tm_mday,
tmp->tm_year + 1900, tmp->tm_hour, tmp->tm_min,
tmp->tm_sec);
}
helen_header_tree = proto_item_add_subtree(helen_sub_item,
ett_helen);
{
#define MAX_BUFFER 1024
char *buf = (char*) ep_alloc(MAX_BUFFER);
char * packet_name = "";
proto_tree *helen_sub_tree = NULL;
offset = 18;
for (;;) {
guint16 code;
guint16 numBytes = 0;
guint unknownPacket = 0;
guint codeOffset;
offset = orig_offset;
code = tvb_get_ntohs(tvb, offset);
codeOffset = offset;
offset += 2;
switch (code) {
case 0: packet_name = "End of Packet";
break;
case 1020: packet_name = "New Alares Data Ext";
break;
case 1021: packet_name = "New Alares Control Ext";
break;
case 1022: packet_name = "Alares Tunnel Ext";
break;
case 1023: packet_name = "Alares File Ext";
break;
default: packet_name = "Unknown code";
unknownPacket = 1;
break;
}
g_snprintf(buf, MAX_BUFFER, "%s", packet_name);
if (unknownPacket) {
g_snprintf(buf, MAX_BUFFER, "Unknown packet: %d",
code);
}
helen_item = proto_tree_add_text(tree, tvb, codeOffset,
2, "%s", buf);
helen_sub_tree = proto_item_add_subtree(helen_item,
ett_helen);
if (code == 0) {
break;
}
numBytes = tvb_get_ntohs(tvb, offset);
offset += 2;
/*Alares Control Ext:*/
if (code == 1021) {
guint8 noem;
guint8 nolh;
guint8 noe;
guint8 nolktbfipm;
guint index1, index2, index3, index4;
//Elapsed Intervals
proto_tree_add_item(helen_sub_tree,
hf_helen_elapsedintervals, tvb, offset, 4, FALSE);
offset += 4;
//Healing Factor
proto_tree_add_item(helen_sub_tree,
hf_helen_healingfactor, tvb, offset, 2, FALSE);
offset += 2;
//Number of Missing Messages
noem = tvb_get_guint8(tvb, offset);
proto_tree_add_item(helen_sub_tree, hf_helen_noem,
tvb, offset, 1, FALSE);
offset += 1;
for (index1 = 0; index1 < noem; index1++) {
//Missing Data
//Session
proto_tree_add_item(helen_sub_tree,
hf_helen_missingdatasession, tvb, offset, 16, FALSE);
offset += 16;
//Message
proto_tree_add_item(helen_sub_tree,
hf_helen_missingdatamessagenew, tvb, offset, 2, FALSE);
offset += 2;
//Number of Erasures
noe = tvb_get_guint8(tvb, offset);
proto_tree_add_item(helen_sub_tree,
hf_helen_noe, tvb, offset, 1, FALSE);
offset += 1;
for (index2 = 0; index2 < noe; index2++) {
//Erasures
//Starting Block
proto_tree_add_item(helen_sub_tree,
hf_helen_startingblock, tvb, offset, 4, FALSE);
offset += 4;
//Ending Block
proto_tree_add_item(helen_sub_tree,
hf_helen_endingblock, tvb, offset, 4, FALSE);
offset += 4;
}
}
//Last Heard
nolh = tvb_get_guint8(tvb, offset);
proto_tree_add_item(helen_sub_tree, hf_helen_nolh,
tvb, offset, 1, FALSE);
offset += 1;
for (index3 = 0; index3 < nolh; index3++) {
//Sesseion UUID
proto_tree_add_item(helen_sub_tree,
hf_helen_sessionuuidlastheard, tvb, offset, 16, FALSE);
offset += 16;
//Message Number
proto_tree_add_item(helen_sub_tree,
hf_helen_messageNumber, tvb, offset, 2, FALSE);
offset += 2;
}
//Number of Last Known Transmitted Blocks for In
Progress Messages
nolktbfipm = tvb_get_guint8(tvb, offset);
proto_tree_add_item(helen_sub_tree,
hf_helen_nolktbfipm, tvb, offset, 1, FALSE);
offset += 1;
for (index4 = 0; index4 < nolktbfipm; index4++) {
//Sesseion
proto_tree_add_item(helen_sub_tree,
hf_helen_sessionuuidlasttransmitted, tvb, offset, 16, FALSE);
offset += 16;
//Message
proto_tree_add_item(helen_sub_tree,
hf_helen_messageNumber, tvb, offset, 2, FALSE);
offset += 2;
//Last Known Transmitted Block for In Progress
Message
proto_tree_add_item(helen_sub_tree,
hf_helen_lastKnownTranmittedBlockAlaresControl, tvb, offset, 4, FALSE);
offset += 4;
}
}
On 1/5/2011 3:35 PM, Guy Harris wrote:
On Jan 5, 2011, at 12:02 PM, Brian Oleksa wrote:I would like to do a little bit more structuring with my tree views. Is it possible to have a tree within a tree..??Yes. proto_item_add_subtree() takes, as arguments, a proto_item * returned by a proto_tree_add_ routine, and an ett_ value, and returns a proto_tree * for a tree placed underneath the item added by the proto_tree_add_ call; you can add items to that tree. This can be done to an arbitrary depth. The ett_ value identifies a particular type of subtree; if you expand one of them, Wireshark keeps track of that and, when you click on another packet, it automatically opens all subtrees of that type. If you close one of them, that gets turned off for that type. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list<wireshark-dev@xxxxxxxxxxxxx> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe
- Follow-Ups:
- Re: [Wireshark-dev] tree view structuring
- From: Guy Harris
- Re: [Wireshark-dev] tree view structuring
- References:
- [Wireshark-dev] tree view structuring
- From: Brian Oleksa
- Re: [Wireshark-dev] tree view structuring
- From: Guy Harris
- [Wireshark-dev] tree view structuring
- Prev by Date: Re: [Wireshark-dev] tree view structuring
- Next by Date: Re: [Wireshark-dev] tree view structuring
- Previous by thread: Re: [Wireshark-dev] tree view structuring
- Next by thread: Re: [Wireshark-dev] tree view structuring
- Index(es):